I've noticed a new wave of spam with obfuscated URLs lately. There seem to be a lot of them, and they are getting pretty fancy EG:
href="http://www.g%65%6f%63%69t%69es.%63o%6d%2fto%70so%66t%77%253fh%2569%257%34%2e%25%36%33tr%2e%2540%2565s.g%65%6f%256%33i%2574%256%39%256%35%2573.%25%36%33om%252f%256eu%255%66%257%30%257%34%253%66hit%252e%2563%74r.@home%2ee%61r%74h%6ci%6ek%2enet/%7eno%76i9?hit.ctr.@%6de%6db%65%72%73%2etripod%2ec%6fm/%7ecart7"; Anything with a '%' in the FQDN part of a URL would qualify as an obfuscated URL, no? Would something like this be hard to detect with a regex? Regards, Bill _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
