spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From MAYER Hans <>
Subject RE: RE: New type of SPAM aggression
Date Tue, 12 Feb 2019 09:44:02 GMT

Dear Rupert,

Many thanks for your configuration you posted.
I installed your ruleset but unfortunately it didn’t not trigger. I run “spamassassin
-D  < “ redirecting from a text file too and it doesn’t show this rule. But other local
rules are triggered which I add. Obviously it does not recognize these url’s. I played around
a little bit with the “full” statement but without success. Also with a simplified regex.
Finally I saw you missed an underscrore in “meta” statement. It should be:  meta   TMU
( __HAS_URI > 10 )
And the “full”  statement should be:   full __HAS_URI /(http|https):\/\//

I post this to the mailing list because it could be useful for others too.

This is the mail body with which I made some tests: ajnsxz befghkp
ailswy efjqsxy dfhtv
<>  begimrv <>
 jlprv efhsz dgiqs
<>  bgiprx <>
cdklmqv <>  adgnowz <>  cfjnorty
<>  bcfhpqvy <>

I learned a lot. Your reply was very helpful.

Kind regards

From: Rupert Gallagher <>
Sent: Thursday, February 7, 2019 7:37 PM
To: MAYER Hans <>; SA <>
Subject: Re: RE: New type of SPAM aggression

full __HAS_URI /(http|https):///
tflags __HAS_URI multiple
meta   TMU ( _HAS_URI > 10 )
describe TMU Too many URIs (>10)
score TMU 5.0

On Thu, Feb 7, 2019 at 09:12, MAYER Hans <<>>

> … All emails were spam with links. …

We receive such spam mails with a lot of links too.
Is there a rule which detects a certain amount of links inside an e-mail ?

View raw message