What is the status of this plugin? I notice that there is no Bugzilla ticket for this plugin. Do you intend on submitting it for inclusion in future spamassassin upstream?
Would a DoS happen if the scanned e-mail contains 10,000 short URL's, and your mail server is hit by many such mail? (Either spamassasin becomes very slow, or you piss off the short URL provider by hitting them too quickly and often.) Could the plugin detect when there are intentionally too many short URL's? If so, what should it do in such cases? Are there ever legit reasons for an e-mail to have a large number of short URL's? Warren Togami war...@togami.com
