Greetings list!
I've been sitting on this one for a while, hoping an update would be
released in one of the sa-update channels... but it seems that users are
complaining about the continued high false negative identification of
spam messages containing only a google.com, googlepages.com, or
google.co.uk (etc) URI redirect to a spammer's site (sometimes a
spammed-owned googlepages account or a ?q= or ?search= type redirect).
Sometimes I get network digest check hits or SURBL hits, but all too
often, these messages make it through.
What's the best way to identify these messages? Do I need to write a
redirector_pattern for these Google-related URI redirects, or is there
more to it than that? What are you folks doing at your sites?
Thanks in advance.
- Google URI Redirector Spam Ben Lentz
-
