Everything I saw on a google search showed the exact same Subject line
as your example.
Something along these lines should stop it in its tracks:
header KEZAAMSubject =~ /SecuryTeam Order #117457/
describe KEZAAMSubject of our favorite spam of the day.
scoreKEZAAM4
Set your s
Rolf wrote:
> We are seeing a few of these and I can't come up with a good way to
> stop them.
...
>> Purchased at http://activeconsultants.co.uk/info.html
Submit to SURBL?
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software
You should probably also be aware of this:
http://www.auscert.org.au/render.html?it=5640
http://notices.ucs.uwa.edu.au/virus2.html
http://www.ballarat.edu.au/aasp/is/ict/security/warnings.shtml
Rolf wrote:
Hello
We are seeing a few of these and I can't come up with a good way to stop
them. T
I don't know if there's already a set of rules that might stop this or not.
If all the message bodies are the same, it would be very easy to write a
custom rule for them.
M
Rolf wrote:
Hello
We are seeing a few of these and I can't come up with a good way to stop
them. They currently seem
Hello
We are seeing a few of these and I can't come up with a good way to
stop them. They currently seem to hit no rules much. Sender changes
all the time of course.
Anyone else getting them?
Regards,
rolf.
Message-ID: <[EMAIL PROTECTED]>
Date: Sun, 23 Oct 2005 13:35:02 -0400
To: Rolf <
