On Tuesday 19 March 2002 12:57 pm, Craig Hughes wrote: > Actually, something I've noticed is that otherwise legitimate-looking > email frequently gets tripped up by an ad tacked on the bottom of the > mail -- this happens with mailing lists trying to support themselves, > but also with things like Yahoo mail or hotmail inserting their stuff at > the bottoms of messages. I've been trying to think of a way to spot > those "semi-spam" sig's and not score them as high, without giving an > easy way for spammers to sneak through. Any thoughts?
Well, Yahoo! groups has ads in like this: ------------------------ Yahoo! Groups Sponsor ---------------------~--> Buy Stock for $4. No Minimums. FREE Money 2002. http://us.click.yahoo.com/BgmYkB/VovDAA/ySSFAA/0NYolB/TM ---------------------------------------------------------------------~-> While this didn't trigger any anti-spam rules, it very well could. "FREE Money" just screams "Spam!", and "Buy Stock" and "No Minimums" also seem spammish; things like this could make it into the ruleset. It shouldn't be too hard to make a rule (regexp or eval) that looks for the ad start line, three to four lines of text, a Yahoo! URI, and the ad end line. A spammer *could* hide stuff in there, but it would look awful weird. However, we'd have to make this work with many different text-ad formats, and my gut feeling is that this would be computationally expensive. Seems like it would be easier to make a contrib rules file with whitelist_to rules in it, which an admin could use if his/her users were getting to many false positives. I've already used whitelist_to for sourceforge.net and yahoogroups.com -- Visit http://dmoz.org, the world's | Give a man a match, and he'll be warm largest human edited web directory. | for a minute, but set him on fire, and | he'll be warm for the rest of his life. [EMAIL PROTECTED] ICQ: 132152059 | _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
