On Wed, 25 Dec 2024, Pierluigi Frullani wrote:
Hi all, I know it's not really a new subject but I would like to ask how
can I stop url redirect from google.*.
These days I'm receiveind a lot of messages that are really spam, but they
pass trough spamassasin, containing the following:
"url?q=3Dhttps%3A%2F%2F" from several google location ( I mean,
images.google.com, google.es and so on.
Is there any good rule to catch them ( at least to score some value to this
messages ) ?
There are existing google redirect rules. It's possible they may not be
hitting the variants you are seeing.
If you run the message through SpamAssassin with these flags:
--debug area=rules,rules-all
you will get information about which rules and subrules hit. You can use
that to make a meta rule that works better on such messages.
Feel free ot zip up spamples and send them to me directly for review, if
we're missing new variants or some Google domains that would help us
improve our coverage.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
"Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
does quite what I want. I wish Christopher Robin was here."
-- Peter da Silva in a.s.r
-----------------------------------------------------------------------
Today: Christmas
