> What about flagging HTML that has: > > <a href=.* onMouseOver="window.status" > > I.e. any links that attempt to intercept onMouseOver events and override > the status window should be flagged as suspect...
That would be nice, but spammers learned long ago (after I wrote rules for
those things) that all you need to do is break the html over two lines and
SA can't catch it, because rawbody can only work on one line at a time.
Loren
