You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by do...@apache.org on 2008/11/02 03:51:08 UTC

svn commit: r709832 - /spamassassin/rules/trunk/sandbox/dos/70_other.cf

Author: dos
Date: Sat Nov  1 19:51:07 2008
New Revision: 709832

URL: http://svn.apache.org/viewvc?rev=709832&view=rev
Log:
sandbox: rules for domain phishing

Modified:
    spamassassin/rules/trunk/sandbox/dos/70_other.cf

Modified: spamassassin/rules/trunk/sandbox/dos/70_other.cf
URL: http://svn.apache.org/viewvc/spamassassin/rules/trunk/sandbox/dos/70_other.cf?rev=709832&r1=709831&r2=709832&view=diff
==============================================================================
--- spamassassin/rules/trunk/sandbox/dos/70_other.cf (original)
+++ spamassassin/rules/trunk/sandbox/dos/70_other.cf Sat Nov  1 19:51:07 2008
@@ -293,4 +293,7 @@
 
 meta DOS_DEREK_AUG08    __DOS_SINGLE_EXT_RELAY && __DOS_HAS_ANY_URI && __NAKED_TO && __LAST_UNTRUSTED_RELAY_NO_AUTH && SPF_PASS && __TVD_MIME_ATT_TP && __CT_TEXT_PLAIN && (__DOS_MSGID_DIGITS9 || __DOS_MSGID_DIGITS10)
 
+# 20081101 - domain expiration/maintenance phishes
+uri DOS_PHISH_WWW_COM_BIZ	/^http:\/\/www\.[^.]+\.com\.[^.]+\.biz$/
+uri DOS_PHISH_WWW_COM_RU	/^http:\/\/www\.[^.]+\.com\.[^.]+\.ru$/