On 10/03/06 10:26 AM, Matt Kettler wrote:
Randal, Phil wrote:
Hi folks,
We're seeing increasing amounts of spam coming in which the email's body
contains seemingly innocuous (but obviously irrelevant) text plus an
email address for more information.
With no urls in the message, uribls are useless...
Currently we've had spams with emails from <whoever> (AT) nicerealmail
.info and <whoever> (AT) marketez-bonds .net.
Currently handling it by adding specific rules as we encounter them, but
there has to be a better way of handling this.
Anyone for emailbls? Or updating uribl to fire on [EMAIL PROTECTED]
email addresses in message bodies?
Thoughts, anyone?
Um... SA should already be treating email addresses in the body as
URIs... Are you sure yours isn't looking up the offending domains
agianst the URIBLs you're using?
I don't believe that's accurate. I know Jeff C. argued that it "wasn't
what SURBL was intended for" so we ended up disabling it.
Personally, I still think email address should be looked up. Either the
domain is bad or it isn't.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4201
Daryl
