Lately I've been getting spams with very low (or zero) scores, written in plain-text grammatical english, with no technical errors in the headers, clean routing chains and valid DNS records (afaik) as the originators. My setup is SA 2.63 with razor, no bayes (yet -- not enough spams), a couple SARE rules and others (complete list at end of message). Since I've been getting the same messages every day for about a week (they all started the same day, too.....) I've written custom rules which search the body for refifast.biz and gozealgaming.com and add large scores to them.
These seem like "The spams of the future". I don't know how else to target them. Is this the right way to solve this problem? Piecemeal highly-specific rules that I write by hand to address certain individual spams? Thanks for any suggestions, Brandon cf files in my local directory: /etc/mail/spamassassin/71_sare_redirect_pre3.0.0.cf /etc/mail/spamassassin/99_sare_fraud_post25x.cf /etc/mail/spamassassin/antidrug.cf /etc/mail/spamassassin/chickenpox.cf /etc/mail/spamassassin/local.cf
