You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jh...@apache.org on 2010/09/17 23:05:31 UTC
svn commit: r998323 -
/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Author: jhardin
Date: Fri Sep 17 21:05:31 2010
New Revision: 998323
URL: http://svn.apache.org/viewvc?rev=998323&view=rev
Log:
test rule for javascript obfuscation
Modified:
spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=998323&r1=998322&r2=998323&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Fri Sep 17 21:05:31 2010
@@ -478,4 +478,8 @@ body DG_SPAMMER_EMAIL_B /\b[a
header DG_SPAMMER_EMAIL_F From =~ /\b[a-z]{10,30}\.[a-z]{3,10}\@[a-z]{3,10}\.[a-z]{6,30}\.[a-z]{2,4}\b/
+# Spammers can't include the real name successfully...
+body __FORGED_FB_USERCP_01 /This message was intended for Want to control which emails you receive from Facebook\?/i
+
+rawbody OBFU_JVSCR_ESC /document\.write\(unescape\("(?:%[0-9a-f]{2}){10}/i