On 10/12/2011 11:48 AM, dar...@chaosreigns.com wrote: > Which uses it as part of SPOOFED_URL (the "__" in the other rule is > important), which is described as: > "Has a link whose text is a different URL". But that one hasn't made it > into the default rule set yet. Ah, it hits 1.1% of spam but also 0.7% of > non-spam, shame: > http://ruleqa.spamassassin.org/?daterev=20111008-r1180336-n&rule=%2Fspoofed > (it got a T_ prepended to it due to being in testing) > > Wonder what it's hitting in non-spam. And if it could be improved by just > checking for domain mismatch instead of complete url match, if it's not > doing that already.
As noted in the comment right next to the rule, most of those hits are marketing trackers. Another abutting comment notes that LeadLander has a truncation habit that used to cause it to mis-fire. There are also abbreviations, parsing errors (not necessarily from SA), and probably also link shorteners and gags. I was a little out of sync with subversion. This is now fixed. While the new version is a bit better, it's still nowhere near good enough to become a stand-alone rule, even with all the help I tried to give it.
signature.asc
Description: OpenPGP digital signature
