Would it be possible to come up with a rule for those random things that are the final lines of a lot of spams? These are the kind of things that break razor, since the hash is different.
I cut some samples out of some recent spams: 2720IGVV3-313KAAA5557ymez4-032l28 2968HyRF6-424hl13 7347ZCuj5-778Tacj7769jcrJ5-644fJl30 7027pnJT5-732RyJK3563YhXs7-879RJlg2415DElH2-878NnAY7643XEFD0-480URWj3431hJFJ9-205ztl78 [6359MQMK5-455yLeL8198UCEz2-647MOlg6683VJyf3-985FWpt5691AFwW7-021KXlB7886ayMX8-@73] 95491 3235 5761XAUy8-724HnxY5860hloK1-665PwXu4065pvLd9-368yqwh1810HDwl55 Is there a way to detect these, yet still distinguish them from encoded messages? I've also noticed a series of spams that put some random person's name at the end of the html at the end of a message. So, it looks like </html> roger <eof> Also, would it be worth cataloging all of the known spamvertised websites and make a rule to catch those. They do change providers all the time, but the domain names stay the same. If I see domains like (to name just a few), MortgageFinder-Usa.com bluemoon22.com farmygirls.com I would expect these to get big spam scores. Kerry. __________________________________________________ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
