On Monday 11 March 2002 08:24 pm, Michael Moncur wrote: > I think that would be a great addition to SA, although I see more virus > emails formatted like that than actual spam. I'm trying the following in my > custom rules file: > > rawbody HTML_FRAMES /<i?frame /i > describe HTML_FRAMES HTML with an embedded frame > score HTML_FRAMES 4.0
Already there: # many spammers seem to do this nowadays (and probably track # their customers with it). (contrib: WW) rawbody RELAYING_FRAME /<frame\b[^>]+\bsrc=[3D=\s"']*http:\/\//is describe RELAYING_FRAME Frame wanted to load outside URL Though it doesn't detect iframes yet... -- Visit http://dmoz.org, the world's | Give a man a match, and he'll be warm largest human edited web directory. | for a minute, but set him on fire, and | he'll be warm for the rest of his life. [EMAIL PROTECTED] ICQ: 132152059 | _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
