Hi all!
Ok, so I figured out exactly what this rule was doing (nice
refresher on reg ex, which I needed anyway) but I have a question. Why is
using control code evidence of spam? Especially because this rule gives 4
points, so it seems like it's considered pretty heavy evidence of spam. I
guess I just don't see the connection. Can anybody help clarify? Thanks.
Here's the exact rule for your reading pleasure:
rawbody HTTP_CTRL_CHARS_HOST
/http\:\/\/[^\/]*[\x00-\x09\x0b\x0c\x0e-\x1f]/
describe HTTP_CTRL_CHARS_HOST Uses control sequences inside a URL's
hostname
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
