You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jh...@apache.org on 2018/12/26 22:22:31 UTC
svn commit: r1849780 -
/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Author: jhardin
Date: Wed Dec 26 22:22:31 2018
New Revision: 1849780
URL: http://svn.apache.org/viewvc?rev=1849780&view=rev
Log:
Various rule tweaks
Modified:
spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=1849780&r1=1849779&r2=1849780&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Wed Dec 26 22:22:31 2018
@@ -1986,6 +1986,11 @@ describe BITCOIN_PAY_ME Pa
score BITCOIN_PAY_ME 2.500 # limit
tflags BITCOIN_PAY_ME publish
+meta BITCOIN_DEADLINE __BITCOIN_ID && __HOURS_DEADLINE && !BITCOIN_EXTORT_01
+describe BITCOIN_DEADLINE BitCoin with a deadline
+score BITCOIN_DEADLINE 2.500 # limit
+tflags BITCOIN_DEADLINE publish
+
meta BITCOIN_MALWARE __BITCOIN_ID && __MY_MALWARE && !BITCOIN_EXTORT_01 && !__NOT_SPOOFED
describe BITCOIN_MALWARE BitCoin + malware
score BITCOIN_MALWARE 3.000 # limit
@@ -2181,7 +2186,7 @@ endif
rawbody __HTML_SINGLET />\s*(?:[a-z"]|&\#(?:\d+|x[0-9a-f]+);)\s*</i
tflags __HTML_SINGLET multiple, maxhits=21
meta __HTML_SINGLET_MANY __HTML_SINGLET > 20
-meta HTML_SINGLET_MANY __HTML_SINGLET_MANY && !__STY_INVIS_MANY && !__RCD_RDNS_MTA_MESSY && !__NOT_SPOOFED && !ALL_TRUSTED
+meta HTML_SINGLET_MANY __HTML_SINGLET_MANY && !__STY_INVIS_MANY && !__RCD_RDNS_MTA_MESSY && !__NOT_SPOOFED && !__FEES && !ALL_TRUSTED
describe HTML_SINGLET_MANY Many single-letter HTML format blocks
score HTML_SINGLET_MANY 2.500 # limit
tflags HTML_SINGLET_MANY publish
@@ -2470,7 +2475,7 @@ describe UNICODE_OBFU_DOM_NO_BODY Un
#uri __URI_PHP_LOGIN /\blogin\.php/i
meta __FREEM_FRNUM_UNICD_EMPTY FREEMAIL_FROM && __FROM_ALL_NUMS && __FROM_ENCODED_B64 && __SUBJECT_ENCODED_B64 && __EMPTY_BODY
-#header __SUB_END_NUMSCOM Subject =~ /[0-9]{6,}c[0o]m$/i
+header __SUB_END_NUMSCOM Subject =~ /[0-9]{6,}[-\s]?c[-\s]?[o0][-\s]?m$/i
#meta FREEM_FRNUM_UNICD_EMPTY __FREEM_FRNUM_UNICD_EMPTY && !__SUB_END_NUMSCOM
meta FREEM_FRNUM_UNICD_EMPTY __FREEM_FRNUM_UNICD_EMPTY