On 09/25, John Hardin wrote: > This topic comes up regularly enough that it should be a FAQ.
Yeah. I haven't read this thread enough to know if it's been said, but here's a previous thread on the subject: http://spamassassin.1065346.n5.nabble.com/antiphishing-td52027i20.html And the existing rules: ruleqa.spamassassin.org/?rule=%2Fspoofed_url MSECS SPAM% HAM% S/O RANK SCORE NAME WHO/AGE 0 1.9104 0.4468 0.810 0.55 0.01 T_SPOOFED_URL_HOST 0 1.9456 0.5844 0.769 0.53 0.01 T_SPOOFED_URL 0 2.0437 3.6954 0.356 0.37 (n/a) __SPOOFED_URL_HOST 0 2.0917 4.0246 0.342 0.36 (n/a) __SPOOFED_URL Although, as John mentioned, this wasn't targeting specific domains. If rules that you come up with do actually work for you, please submit them for inclusion in spamassassin QA, to see if they work well enough to include in future sa-updates. -- "Blessed are the cracked, for they shall let in the light." http://www.ChaosReigns.com
