Howdy, Lately I've been getting a lot of spam like this:
http://pastebin.com/m58b01a0b http://pastebin.com/me13959a The domain changes, but it's virtually always in the .de TLD ("somedomain.de"). RelayCountries has this to say about that message (I'm in the US, btw): [31067] dbg: metadata: X-Relay-Countries: GB They don't seem to trigger any remote tests at all.... DNSBLs, URIBLs, Pyzor, Razor, or Botnet. The only local tests triggered are BAYES_99, MIME_HTML_ONLY, and a custom test I wrote which triggers when it sees the word 'drugstore' in the body, in all caps. Any ideas on how to make this a more solid hit? Anyone else seeing this? Thanks, Jake
