At 12:48 PM 3/19/2008, Michael Hutchinson wrote:
For those that don't run SA 3.2.3, you could test this rule:
uri CST_URI_BLOGSPOT m,http://\w+\.blogspot\.com\b,
describe CST_URI_BLOGSPOT blogspot.com throwaway URI
score CST_URI_BLOGSPOT 3.4
A few people disagree with this, as it will score against legitimate
email for some domains. I created it for our site as we do not receive
newsletters with blogspot links, so we hose the emails with 3.4 points,
which is enough to push them over the 5.0 threshold, as they score on
other rules too.
Be warned, beware, don't use this unless you're really sure you don't
want blogspot links in emails. Customers might become annoyed.
(Ours haven't, though, and it's been a month).
Blogspot is a spamhaven. I've been back and forth with their clueless
abuse desk, and they've confirmed that basically if they shut down a
blogspot site for spamming, there's nothing to prevent the spammer
from creating the site again.
Oh, sure, it may say "This website has been disabled" - until the
spammer recreates the site.
Kind of like throwing someone in jail, but not locking the cell, and
then going home for the night.
Yes, I've got blogspot spams I've reported 2+ years ago.
Oldest one is 07/26/2005: http://1stpromotion.youknowtherest.com
