On Sat, Oct 15, 2011 at 12:38 AM, <dar...@chaosreigns.com> wrote:
And I need to remind you that it hits almost as much ham as spam:
http://ruleqa.spamassassin.org/20111008-r1180336-n/T_SPOOFED_URL/detail
I agree it seems like we should be able to improve it. Maybe make
exceptions for known marketing trackers, as Adam Katz mentioned it has
problems with.
On 31.10.11 19:15, Mahmoud Khonji wrote:
just to add a few more suggestions:
* checking whether the anchor's actual URL (href URL) has the modal
domain (a domain that is most frequently linked in the same email),
and if it is not the modal domain then the email is spam.
That's what I've meant in my last ail to this thread. It would
apparently require a SA plugin (not just a simple regexp rule)
but we'd be able allow different domains, e.g. bank example.com bought
bank example.net etc.
* checking the age of the href URL's domain via a Whois lookup (not
all domains have the registration time stamp though), and if the age
falls below certain thresholds then it's spam.
simple meta combining the rule above and DOB would catch this
perfectly.
* checking the domain rank via a search engine, and if the rank falls
below certain thresholds then it's spam.
domain ranking would be just very different rulem could be combined
with those above.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0...
