WebFaction
Community site: login faq

We've been getting a ton of spam recently that consists only of a single sexually explicit link description to an innocuous URI. Here's one of the least offensive examples. Most are very crude.

<div><a href="http://prayerdancing.ru/15e595b9214bde2904c39f044cc4ec5a/arQE.html">Anime cartoon slut gets censored hardcore</a></div>

I've written a rule which fires on this content - at least the regex works in my regex testing tool.

body SEX_IN_URI  /href.{0,100}(various|sexually|explicit|target|words|here|censored|etc)/i
describe SEX_IN_URI Sexually explicit wording in href

It doesn't seem to be working in Spamassassin (3.3.2, Perl 5.10.1, Scientific Linux 6.2). Can anyone tell me if I have the syntax wrong? Or does a body test not look into HTML?

asked 08 Jun '13, 06:02

wethackrey
12
accept rate: 0%

edited 08 Jun '13, 06:04


Where are you putting the rule? You would normally place filtering rules in the procmail filter field, which has a different syntax.

permanent link

answered 08 Jun '13, 17:15

johns
5.4k412
accept rate: 23%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×3
×3
×1
×1

question asked: 08 Jun '13, 06:02

question was seen: 2,209 times

last updated: 08 Jun '13, 17:15

                              
WEBFACTION
REACH US
SUPPORT
LEGAL
© COPYRIGHT 2003-2020 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM