Jason Bertoch wrote:
-----Original Message-----
From: Johann Spies [mailto:jsp...@sun.ac.za]
Sent: Tuesday, February 24, 2009 7:59 AM
To: users@spamassassin.apache.org
Subject: Googlegroups related spam
The following link describes a problem we are experiencing:
http://www.joewein.net/blog/2009/01/21/google-groups-spam-abuse-
reporting-broken/
I am sure I am not the only one having to deal with this kind of
spam. How do you counter it?
Although widely considered a bad idea to have a single rule with the ability
to snipe a message, I've had to resort to the following rule. As luck would
have it, apparently my customer base doesn't often receive legitimate
messages of this sort and I've had no complaints as the score has been
slowly increased. YMMV.
uri JB_URI_GOOGLE m'www\.google\.com($|/group/)'
score JB_URI_GOOGLE 5.0
Same here - I write custom URI rules for such domains that are regularly
abused and give them an appropriate score. I normally score them at
around 60% of the spam threshold score (eg, 3 when spam = 5).
I also follow listed subdomains for the last 5 days here:
http://rss.uribl.com/hosters/index.html
although groups [dot] google isn't listed at present.
Heck, I even have a rule for ALL Chinese tld's (.cn) and that one's very
popular (currently triggering on around 44% of spam with zero FPs for
me! YMMV)
