I've been getting at least 5 to 10 SPAM messages a day with a link to some page on uk.geocities.com. I have a large number of extra rules that I keep updated with the RulesDuJour script and these messages have been making it through. The SPAM is so nice it gets marked as ham much of the time. I wrote a rule to catch this. Since doing so not one single SPAM message has made it into my inbox. Here's the rule:
/etc/mail/spamassassin/void_geocities.cf
- Code: Select all
body VOID_GEOCITIES /http\:\/\/uk\.geocities\.com\/.*\/\?/
score VOID_GEOCITIES 5.1
describe VOID_GEOCITIES http://uk.geocities.com/xxxx/?xxxx in body is SPAM
I run Sendmail+clamav+spamassassin for a mail server. I don't know why I run clamav, just a waste of CPU cycles at my house. :)