Got a new spam-sign today that I don't know how to make a rule match on. This
is just another token/word breaking method, however it uses valid html, in
this case it's using the same font over and over again. The message did get
tagged as spam (barely) only as a result of RBL's and the fact that there was
no text/plain part.
---spam sample---
<html>
<body bgcolor=3D"#FFFFFF">
<p><font face=3D"Arial, Helvetica, sans-serif" size=3D"4" color=3D"#FF3333=
"> </font><font size=3D2 ptsize=3D"10"><b><font face=3D"Arial, Helvetica, =
sans-serif" color=3D"#ff0000" size=3D"4">
Fr</font><font face=3D"Arial, Helvetica, sans-serif" color=3D"#ff0000" s=
ize=3D"4">om
D</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"4" color=3D"=
#FF3333">iet
To The Blue Pill</font><br>
</b></font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">A</fon=
t><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">ll
The</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3"> Popula=
r Pr</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">escr</fo=
nt><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">iption
M</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">eds<br>
</font> <font face=3D"Arial, Helvetica, sans-serif" size=3D"3"><b><font =
size=3D"4"><a href=3D"http://allquickmeds4u.com">ClickHere</a></font></b><=
br>
No Fees<br>
</font></p>
<p> </p>
<p> </p>
<p><font size=3D"1" face=3D"Arial, Helvetica, sans-serif"><a href=3D"http:=
//allquickmeds4u.com/evm.htm">ListExclusionHere<br>
</a></font><font size=3D1 ptsize=3D"10" face=3D"Arial, Helvetica, sans-s=
erif">Easylink
Suite1483 9 Tanbark Circuit Werrington Downs NSW 2747 AU</font></p>
</body>
</html>
---spam sample---
is just another token/word breaking method, however it uses valid html, in
this case it's using the same font over and over again. The message did get
tagged as spam (barely) only as a result of RBL's and the fact that there was
no text/plain part.
---spam sample---
<html>
<body bgcolor=3D"#FFFFFF">
<p><font face=3D"Arial, Helvetica, sans-serif" size=3D"4" color=3D"#FF3333=
"> </font><font size=3D2 ptsize=3D"10"><b><font face=3D"Arial, Helvetica, =
sans-serif" color=3D"#ff0000" size=3D"4">
Fr</font><font face=3D"Arial, Helvetica, sans-serif" color=3D"#ff0000" s=
ize=3D"4">om
D</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"4" color=3D"=
#FF3333">iet
To The Blue Pill</font><br>
</b></font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">A</fon=
t><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">ll
The</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3"> Popula=
r Pr</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">escr</fo=
nt><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">iption
M</font><font face=3D"Arial, Helvetica, sans-serif" size=3D"3">eds<br>
</font> <font face=3D"Arial, Helvetica, sans-serif" size=3D"3"><b><font =
size=3D"4"><a href=3D"http://allquickmeds4u.com">ClickHere</a></font></b><=
br>
No Fees<br>
</font></p>
<p> </p>
<p> </p>
<p><font size=3D"1" face=3D"Arial, Helvetica, sans-serif"><a href=3D"http:=
//allquickmeds4u.com/evm.htm">ListExclusionHere<br>
</a></font><font size=3D1 ptsize=3D"10" face=3D"Arial, Helvetica, sans-s=
erif">Easylink
Suite1483 9 Tanbark Circuit Werrington Downs NSW 2747 AU</font></p>
</body>
</html>
---spam sample---