On Monday, December 6, 2004, 7:35:30 AM, Chris Santerre wrote: >>From: RD [mailto:[EMAIL PROTECTED]
>>I've seen spams where spammers are using >>"Cut&Paste_this_URL_to_your_browser" method reason why spamassassin >>won't trigger SURBL database lookup. >> >>Is there a known workaround to catch this non-clickable URIs >>and trigger >>SURBL lookup? > This is in the form of www . domain . com > It was mentioned on the SURBL list, and I wrote a quick and dirty SA rule > for it. Initial tests were dissmal. > Found 2 ham: >> http :// www . drugstore . com / ivd0324 >> header copied into the body of a forward: >> X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang) > Also hit 12 spam out of around 70k. > A little more testing needed. But I think this shows that it isn't worth the > rule. The links break and require end lusers to not only copy and paste, but > edit the link to remove the spaces. Clearly more then most users would do. Yeah and it could cause them to pause and actually think about what they're doing, which no spammer would want to happen. :-) Jeff C. -- Jeff Chan mailto:[EMAIL PROTECTED] http://www.surbl.org/
