Hi, I've found a few messages with google translate redirects to pharma spam and need help writing a rule. It already hits HTTP_EXCESSIVE_ESCAPES, HTTP_ESCAPED_HOST, and running SA through debug shows:
http://google.fi/translate?hl=en&u=85.%325.%3235.93/cmntipxsl95.php but the (raw)body of the message is http://google.fi/%74%72%61%6E%73l%61%74%65?hl=3D%65n&u=3D8%35.%%33=25.%%332%33%35.%393/cmntipxsl95.php How is it that google is allowing these redirects in the first place? How can I write a more specific rule than my generic "catch everything after the slash, until the php" pattern? Thanks, Alex
