New Spam?
Raymond Dijkxhoorn
raymond at prolocation.net
Tue Sep 11 09:28:29 IST 2007
Hi!
>>>> http://files.rheelweb.co.nz/spam.txt
>>>> http://files.rheelweb.co.nz/spam.eml
>>>>
>>>> Cheers
>>> pts rule name description
>>> ---- ----------------------
>>> --------------------------------------------------
>>> 2.6 HTML_OBFUSCATE_10_20 BODY: Message is 10% to 20% HTML obfuscation
>>> 0.0 HTML_MESSAGE BODY: HTML included in message
>>> 0.0 BAYES_50 BODY: Bayesian spam probability is 40 to 60%
>>> [score: 0.5000]
>>> 1.5 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
>>> 1.7 SARE_HTML_USL_OBFU RAW: Message body has very strange HTML
>>> sequence
>>> 3.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
>>> [URIs: advertisingcs.com]
>>>
>>> The original message was not completely plain text, and may be unsafe to
>>> open with some email clients; in particular, it may contain a virus,
>>> or confirm that your address can receive spam. If you wish to view
>>> it, it may be safer to save it to a file and open it with an editor.
>> Curiously when this email came in, it didn't trigger the URIBL rule, yet
>> when I invoke spamassassin from the command line (as the correct user etc)
>> it does fire the URIBL rule.
>> I wonder why this is?
> Assume a MailScanner gremlin listed it.
It magicly ended up in SURBL also.
Bye,
Raymond.
More information about the MailScanner
mailing list