February 15, 2004
spamの最高記録

すごいスパムが来た!7点以上をスパム認定しているが、54.8点!飛び抜けて最高だ。近頃はぬるいスパムが多かったが、パターンマッチングだけでここまで点を稼ぐとはすごすぎ。以下にspamassassinのログをつけておく。ベイジアンフィルタをかければ、間違いなくもっといくな。内容もすごいけど。3+ inchesだって。ありえない!

>>No More lonliness, add 3+ inches

Content preview: NaturalGain+ WILL ENLARGE YOUR PENIS 3+ INCHES
URI:http://gainmeds.biz/images/bottle4.jpg Our NaturalGain+ Penis
Enlargement Pills Will Expand, Lengthen And Enlarge Your Penis 3+
Inches. 100% Satisfaction Guaranteed! Or Your Money Back! [...]

Content analysis details: (54.8 points, 7.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.0 REPLY_TO_ULINE_NUMS Reply-To: has an underline and numbers/letters
1.5 MULTIPART_ALTERNATIVE Multipart/alternative
0.9 FROM_ENDS_IN_NUMS From: ends in numbers
4.4 DATE_SPAMWARE_Y2K Date header uses unusual Y2K formatting
0.6 PENIS_ENLARGE2 BODY: Information on getting larger penis/breasts
0.6 CLICK_BELOW_CAPS BODY: Asks you to click below (in capital letters)
1.2 GUARANTEED_STUFF BODY: Guaranteed Stuff
1.1 BANG_GUARANTEE BODY: Something is emphatically guaranteed
4.2 IMPOTENCE BODY: Impotence cure
1.2 BANG_EXERCISE BODY: Talks about exercise with an exclamation!
1.1 PENIS_ENLARGE BODY: Information on getting larger penis/breasts
4.3 MONEY_BACK BODY: Money back guarantee
0.1 HTML_LINK_CLICK_HERE BODY: HTML link text says "click here"
1.7 HTML_IMAGE_ONLY_06 BODY: HTML: images with 400-600 bytes of words
0.3 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 HTML_FONT_BIG BODY: HTML has a big font
0.5 HTML_LINK_CLICK_CAPS BODY: HTML link text says "CLICK"
1.6 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence between 51 and 100
[cf: 100]
4.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.2 HTML_50_60 BODY: Message is 50% to 60% HTML
0.8 BIZ_TLD URI: Contains a URL in the BIZ top-level domain
3.0 QENCTXT BODY: quoted-printable
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
1.8 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
1.1 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server
[66.189.227.155 listed in dnsbl.sorbs.net]
1.1 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy
[66.189.227.155 listed in dnsbl.njabl.org]
0.1 RCVD_IN_NJABL RBL: Received via a relay in dnsbl.njabl.org
[66.189.227.155 listed in dnsbl.njabl.org]
0.1 RCVD_IN_SORBS RBL: SORBS: sender is listed in SORBS
[66.189.227.155 listed in dnsbl.sorbs.net]
1.1 RCVD_IN_SORBS_SOCKS RBL: SORBS: sender is open SOCKS proxy server
[66.189.227.155 listed in dnsbl.sorbs.net]
1.1 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org
[]
3.0 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see ]
2.5 RCVD_IN_DYNABLOCK RBL: Sent directly from dynamic IP address
[66.189.227.155 listed in dnsbl.sorbs.net]
1.1 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts
0.3 UPPERCASE_25_50 message body is 25-50% uppercase
1.2 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
4.3 FORGED_MUA_AOL_FROM Forged mail pretending to be from AOL (by From)
1.8 FORGED_AOL_HTML AOL can't send HTML message only
0.1 MISSING_OUTLOOK_NAME Message looks like Outlook, but isn't

Posted by senyo at February 15, 2004 09:34 PM
Comments
Post a comment
Name:


Email Address:


URL:


Comments:


Remember info?