You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by jh...@apache.org on 2010/09/17 23:05:31 UTC

svn commit: r998323 - /spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Author: jhardin
Date: Fri Sep 17 21:05:31 2010
New Revision: 998323

URL: http://svn.apache.org/viewvc?rev=998323&view=rev
Log:
test rule for javascript obfuscation

Modified:
    spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=998323&r1=998322&r2=998323&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Fri Sep 17 21:05:31 2010
@@ -478,4 +478,8 @@ body        DG_SPAMMER_EMAIL_B     /\b[a
 header      DG_SPAMMER_EMAIL_F     From =~ /\b[a-z]{10,30}\.[a-z]{3,10}\@[a-z]{3,10}\.[a-z]{6,30}\.[a-z]{2,4}\b/
 
 
+# Spammers can't include the real name successfully...
+body        __FORGED_FB_USERCP_01  /This message was intended for Want to control which emails you receive from Facebook\?/i
+
+rawbody     OBFU_JVSCR_ESC         /document\.write\(unescape\("(?:%[0-9a-f]{2}){10}/i