Jim Maul wrote: > > Well, honestly im not even sure about that. I guess what i need to do > is start capturing some of the emails (both ham and spam) we receive > with drug names and do some trial runs with some of the antidrug and > obfu rules to see what the results are. Does anyone know if the obfu > rules would catch stuff like: > <snip> Antidrug misses the HTML table obfuscated drug spams.. Thus far the best tools I've got against html table based obfuscation are SURBL and bayes.
I've not tried any of the SARE obfu rules, however a casual glance at the list of rules and the content of 70_sare_html2.cf doesn't seem to have anything designed for this.
