Contents of /trunk/spamassassin_config/common/url_spam

# -*- mode: spamassassin -*-
# joy, 2003-06-29
body ORIENTSKY                  /orient-sky\.com/
describe ORIENTSKY              Japanese spam
score ORIENTSKY                 4

# joy, 2003-07-06
body PACHETES                   /www\.pachetes\.com/
describe PACHETES               Spanish spam
score PACHETES                  4

# cjwatson, 2003/07/12
body NO_MORE_ACCENT             /www\.no-more-accent\.com/
describe NO_MORE_ACCENT         No More Accent spam
score NO_MORE_ACCENT            4

# joy, 2003-08-15
header FETHARD                  Subject =~ /fethard.biz/i
describe FETHARD                Spam from Fethard.biz
score FETHARD                   4

# joy, 2003-10-21, 2003-10-31
body PHARMACYSPAM3      /http:\/\/www\.rx(salenow|ville)\.biz/i
describe PHARMACYSPAM3  pharmacy spam 3
score PHARMACYSPAM3     4

# cjwatson, 2004-01-13
# blarson, any number 2004-04-01
# blarson, more ajustmets 2004-04-03
body HREF_NNNN          /www\.\d{3,5}hosting\.com/
describe HREF_NNNN      www.NNNNhosting.com spam
score HREF_NNNN         3

# cjwatson, 2004-02-16
body SOCCER_MOMS        /www\.soccer-moms\.biz/
describe SOCCER_MOMS    Porn spam
score SOCCER_MOMS       4

# cjwatson, 2004-02-22
body MRSM_TILO          /mrsm-tilo\.com/
describe MRSM_TILO      Medical spam
score MRSM_TILO         4

# cjwatson, 2004-02-27
body FAST_ACTING        /fast-acting\.com/
describe FAST_ACTING    Viagra spam
score FAST_ACTING       4

# blarson 2004-04-04
body COMCLICKPH         /com-click\.com\.ph/
describe COMCLICKPH     PH spam gang
score COMCLICKPH        4

# blarson 2004-05-01
body MEDS675            /(675meds|medsarergreat)\.com/i
describe MEDS675        More drug spam
score MEDS675           3

# blarson 2004-04-30
body ERHOME             /erhome\.com/i
describe ERHOME         loan spammer
score ERHOME            3

# blarson 2005-04-27
body CANDYHOS           /\.(?:candyhos\.com|(?:mycountry|polty|make4u)\.cc|puchiphoto\.org|purepure\.org)\//i
describe CANDYHOS       spams from korea, hosts in japan
score CANDYHOS          5

# blarson 2005-12-08
# don 2007-11-21 -- combine other rule; increment score
# don 2009-02-17 -- increase score even more; ditch http
uri GEOCITIES           /geocities/i
describe GEOCITIES      geocities uri
score GEOCITIES         3

# blarson 2005-12-24
body EMPTYURL           /\bhttp:\/\/(?:www\.)?$/i
describe EMPTYURL       empty URL
score EMPTYURL          1.5

# blarson 2006-02-06
body AMPRO              /www\.amateurprovideo\.info/i
describe AMPRO          bug submitting spammer
score AMPRO             5

# blarson 2007-04-03
body IMAGESHACK         /\/img\d+\.imageshack\.us\//i
describe IMAGESHACK     shack attack
score IMAGESHACK        3.5


# dla 2007-04-03
header MSOUTLOOK        x-mailer =~ /Microsoft\s+Outlook/i
describe MSOUTLOOK      Microsoft Outlook
score   MSOUTLOOK       0

meta SHACKOUTLOOK       IMAGESHACK && MSOUTLOOK
describe SHACKOUTLOOK   shack'ed to outlook
score SHACKOUTLOOK      2

# blarson 2007-04-09
body UNSUBG             /\bwww\.guiaartistica\.com\.ar\b/
describe UNSUBG         spamming bts with unsubscribe messages
score UNSUBG            14

# blarson 2007-05-14
body IMGCLOSET          /\bhttp\:\/\/.*\b((image(closet|thrust|hosting)|mypicshare|tinypic|fileanchor|imgspot)\.com|bilder-hosting\.de|saunalahti\.fi|upload2\.net|imagehost\.ro)\b/i
describe IMGCLOSET      closet spammer
score IMGCLOSET         3.5

# blarson 2007-05-17
body TROUBLEDE          /\bhttp\:\/\/www\.TroubleAgent\.de\b/
describe TROUBLEDE      troubleagent.de spam
score TROUBLEDE         3.5

# don 2007-05-24
body BESTLOANS          /www.bestmortloans.com/i
describe BESTLOANS      Best loans url
score BESTLOANS         2

# blarson 2007-07-22 2007-09-12
body PENPRO             /\@(?:penmailpro|OnsetIng|openprotection|NearOut|SuperOnset|medicalgloveonline|YourOnset|GreatGloveCell|thegloveworks|asiafriendworld|NaturalImprove|charmshine|healthinsweb)\.info\b/i
describe PENPRO         penmailpro spam
score PENPRO            3.5

# blarson 2007-09-05 2007-09-11 2009-04-12
body WWWCN              /\b(?:www\.|https?\:.*)(\w|-|\.)+\.cn\b/i
describe WWWCN          chinese web site
score WWWCN             3

# cjwatson, 2002/04/04
body EMAILOFFER                 /www\.emailoffer\.us/
describe EMAILOFFER             Gibberish HTML spammers
score EMAILOFFER                4.0

# cjwatson, 2002/04/08
body JUSTYAK                    /www\.JustYak\.com/
describe JUSTYAK                JustSpam
score JUSTYAK                   4.0

# blarson 2007-09-10
body SIZMATZ            /\bsize-matterz\.com\b/i
describe SIZMATZ        size matterz
score SIZMATZ           3

# blarson 2007-09-10
body EMAGX              /\bhttp\:\/\/emagx\.net\b/i
describe EMAGX          wondercum spammer
score EMAGX             3.5

# blarson 2007-09-13
body FREENFL            /\bhttp\:\/\/freeNFLtracker\.com\b/i
describe FREENFL        nfl spam
score FREENFL           3

# blarson 2007-09-13
body SPAMARREST         /\bhttp\:\/\/www\.spamarrest\.com\b/
describe SPAMARREST     forwards thier spam problem
score SPAMARREST        4

# blarson 2007-09-14
body FROMAD             /\bhttp\:\/\/(?:budhipps|fromad|conavel|cliensy|comnoe|mybudshop)\.com\b/i
describe FROMAD         more penis spam
score FROMAD            4

# blarson 2007-09-17
body MYCHEAP            /\b(?:my)?cheap(?:xp|adobe)?(?:oem|soft)+(?:now|ware)?(?:(?:4|for)?less)?\d*\s*\.\s*com\b/i
describe MYCHEAP        software spam
score MYCHEAP           4

# blarson 2007-09-16
body WWWRU              /\b(?:www\.|https?\:.*)\w+\.ru\b/i
describe WWWRU          russian web site
score WWWRU             2

# blarson 2007-09-24
body VIPSMS             /\bvipsms\.org\b/i
describe VIPSMS         vipsms.org
score VIPSMS            4

# don 2007-10-01
header MAKEUP           subject =~ /makeup\.com/i
describe MAKEUP         makeup.com url
score MAKEUP            3

# blarson 2007-10-04
body SUBT               /\bsubtracthold\.com\b/i
describe SUBT           subtracthold.com
score SUBT              4

body GRAPHICMAIL        /\bhttp\:\/\/www\.graphicmail\.de\b/i
describe GRAPHICMAIL    graphicmail.de
score   GRAPHICMAIL     4


body WWWRO              /\b(?:www\.|https?\:.*)\w+\.ro\b/i
describe WWWRO          romanian web site
score WWWRO             2

# blarson 2007-10-10
body CLEANDOM           /http\:\/\/\{_clean_domains\}/
describe CLEANDOM       broken spamware
score CLEANDOM          4

# blarson 2007-10-11
body SOFTNLSE           /\bsoftnlse\s*\.\s*com\b/i
describe SOFTNLSE       softnlse.com
score SOFTNLSE          4

# blarson 2007-10-13
body MUSVID             /\b(?:MusicAndVideoWorld|usa-bestsellers)\.com/i
describe MUSVID         MusicAndVideoWorld.com
score MUSVID            4

# blarson 2007-10-16
body PLATSOFT           /\btheplatinumsoft\.com\b/i
describe PLATSOFT       theplatinumsoft.com
score PLATSOFT          4

# blarson 2007-10-22
body BLOGSPOT           /\bblogspot\.com\b/i
describe BLOGSPOT       spammers are hosting on blogspot
score BLOGSPOT          3

# blarson 2007-10-25
body PILLUS             /PILL-US\.COM\b/i
describe PILLUS         PILL-US spam
score PILLUS            4

# blarson 2007-10-25
body BETWEENTO          /\bhttp\:\/\/betweento\.com\b/i
describe BETWEENTO      betweento.com
score BETWEENTO         4

# don 2007-10-25
body MASZON             /mc?a(szon|yvidol|ttk)\.(com|org|net)/i
describe MASZON         pron spam
score MASZON            4


# blarson 2007-10-27
body GMAIL              /\@gmail\.com\b/i
describe GMAIL          @gmail.com
score GMAIL             1

# blarson 2007-10-28
body MAILRU             /\@mail\.ru\b/i
describe MAILRU         @mail.ru
score MAILRU            3

# blarson 2007-10-31
body ADOBE4LESS         /\b(?:adobe4less|realnewsoft|newmicrosoftdeals|kvaka-soft)\s*[.,]\s*com\b/i
describe ADOBE4LESS     adobe4less . com
score ADOBE4LESS        4

# blarson 2007-11-01
body RMAPPLY            /http\:\/\/rmapply\.com\b/i
describe RMAPPLY        http://rmapply.com
score RMAPPLY           4

# blarson 2007-11-04
header HANOIFASH        subject =~ /WWW\.HANOI-FASHION\.COM/i
describe HANOIFASH      WWW.HANOI-FASHION.COM
score HANOIFASH         4

# blarson 2007-11-06
body ONLINEMED          /\b(?:onlinemedicalkey|pharm\w*|webvinz|wendebay|webdcd|vowelstep|wclth|duringgear|broadbasic|instantsuffix|magnetdouble|drugsdirecteat)\s*\.\s*com\b/i
describe ONLINEMED      onlinemedicalkey.com
score ONLINEMED         4

# blarson 2007-11-15
body GETUP              /\bgetupgradednow\.com\b/i
describe GETUP          getupgradednow.com
score GETUP             4

# blarson (pusling's idea) 2007-11-16
body SPACECOM           /^[\w\d]+\s\.\scom\b/
describe SPACECOM       whatever . com
score SPACECOM          3

# don -- flowgoaway.com doesn't appear to be a working RBL anymore (if it ever was?)
# blarson 2007-11-20
# uridnsbl URIBL_FLO    flowgoaway.com. A
# body  URIBL_FLO       eval:check_uridnsbl('URIBL_FLO')
# describe URIBL_FLO    web site in flowgoaway.com
# tflags        URIBL_FLO       net
# score URIBL_FLO               1

# blarson 2007-11-20
body SOFTROU            /\bwww\.softrou\.com\b/i
describe SOFTROU        www.softrou.com
score SOFTROU           3

# blarson 2007-11-20
body GOOGLEPAGES        /\bgooglepages\.com\b/i
describe GOOGLEPAGES    spammers use googlepages
score GOOGLEPAGES       2

# blarson 2007-12-07
body SOFTBESTGRAND      /\bsoft(?:bestgrand|wareonlinemuch)\.com\b/
describe SOFTBESTGRAND  softbestgrand.com
score SOFTBESTGRAND     4

# blarson 2007-12-10
body PCSOFTCHEAP        /\b(?:pcsoftcheap|cheapezsoft|cheapsoftxp|adobe4cheap|phonowa|saleonsoftware|bestdealoem|realcheapsoft|krasniyles|cheapxp4pc|supercheapoem|lowpriceoem|realcheapoem|cheapadobedeal|softwarefoundation|2008oem|xpxmas|cheap2008soft|snowysoftware|2008adobe|adobe2008|cheapgetsoftone|x(?:higher|main|prime)(?:soft|software|easy)|softonlinepc|andsoftware|softonlinedownload|kunchakoem|erhere\w|kiroemch|phonowd|cheap(?:soft|oem|software)here|softwarenowprox|xprosoftonlinedl|siniyglaz|popandosoem|xsoftprodepot|triudava|krasniynos|fastsoftnow|cheapeasy(soft|oem|software)|ezadobenow|softnowpromohere|primenetsofthe|nowinstantsoftieq|isktesoft|best(?:oem|soft|software)2008|new2008(?:soft|oem|software)|fastez(?:soft|oem|software)|ezfast(?:oem|soft|software)|2008(?:micro)?softdeals|oemfactorysale|nbuysoft|softnuhere|softsale2008|softwintersale|blatnoyoem|svedsoft|gsxoempromo|getmicrosoftfast|adobeoemsale|xp4(?:cheap|less)|xpoemnow|buycheapxp|alloem4less|lun(?:soft|oem|software)|(?:new|fast)xp(?:soft|oem|software)|frukanoka|softcheap(?:n[eo]w|xp)|adobe(?:web|blog|new)(?:soft|spot|deal))\s?\.\s?(?:com|net)\b/
describe PCSOFTCHEAP    pcsoftcheap. com
score PCSOFTCHEAP       4

# blarson 2007-12-11
body GOLDGAME           /\b(?:gamblingplacegold|goldgamesite|topgamingsite|richbestgaming|luxgoldgaming)\.(?:net|com)\b/
describe GOLDGAME       gambling sites
score GOLDGAME          4

# blarson 2007-12-14
body ENLARGETW          /\b(?:enlarge|0rz)\.tw\b/
describe ENLARGETW      enlarge.tw
score ENLARGETW         4

# blarson 2007-12-15
body POSTTHROUGH        /\b(?:postthrough|speedgrand|certaincoast)\.com\b/
describe POSTTHROUGH    postthrough.com
score POSTTHROUGH       4

# blarson 2007-12-25
body UHAVE              /\b(?:uhavepost|happy(?:santa)?|newyear|familypost|fresh|post)cards?-?(?:2008)?\.com\b/
describe UHAVE          uhavepostcard.com
score UHAVE             4

# blarson 2007-12-26
body RUSSWIFE           /\b(?:your|best|new|the|my)(?:russ[il]an?|address|russ)(?:wife|bride)\.info\b/
describe RUSSWIFE       yourrussianwife.info
score RUSSWIFE          4

# blarson 2007-12-31
body HAPPY2008          /\b(?:happy2008toyou|hellosanta2008|hohoho2008|santawishes2008)\.com\b/
describe HAPPY2008      happy2008toyou.com
score HAPPY2008         4

# blarson 2008-01-02
body BONGHIT            /\b(?:beaverbonghits|dobongworld)\.com\b/
describe BONGHIT        beaverbonghits.com
score BONGHIT           4

# blarson 2008-01-02
body GOOGLESEARCH       /\bgoo+gle\.(com|\w\w|com?\.\w\w)\/+(?:search|pagead)/i
describe GOOGLESEARCH   google search URL
score GOOGLESEARCH      2

# blarson 2008-01-02
body SIGAS              /\b(?:Sigashash|Reelhotsi|Erisgoonti|Erisgoners|Freesignsies|Rielhotties|Foredroons|Feeshoons|Erisgant|hapburge|wuimooed|jiuezdoo|goingoinghom|buloies|Poeshages|Rueshabesoo|clitoriseries|clitorina|glueplot|crumbtost|ideaputs)(?:\.|\=2E)com\b/
describe SIGAS          www.Sigashash.com
score SIGAS             4

# blarson 2008-01-05
body RUSSIABRIDE        /\bruss[il]an?(bride|wife)(?:home|live|blog|)\.info\b/
describe RUSSIABRIDE    russiabridehome.info
score RUSSIABRIDE       4

# blarson 2008-01-14
body REDMEHS            /\bwww\.(?:redmehs|feltas|barataslo|quasibot|tageshes|flessimo|spendhope|instrumentstart)\b/
describe REDMEHS        www.redmehs
score REDMEHS           4

# blarson 2008-01-15
body MYURL              /\bmyurl\.com\.tw\b/i
describe MYURL          myurl.com.tw
score MYURL             3

# blarson 2008-01-28
body W0MEN              /w0men\.info\b/i
describe W0MEN          hotw0men.info ukrw0men.info
score W0MEN             3

# blarson 2008-01-29
body ACEMST             /\bacemst\.com\b/
describe ACEMST         acemst.com
score ACEMST            3

# blarson 2008-02-01
body GALSINFO           /\b(?:foreigngals|californiaimprove)\.info\b/i
describe GALSINFO       foreigngals.info
score GALSINFO          3

# blarson 2008-02-06
body RIDGEST            /\bridgest\.com\b/
describe RIDGEST        ridgest.com
score RIDGEST           4

# blarson 2008-02-16
body SOFTROI            /\bsoft(?:roi|ove)\.com\b/
describe SOFTROI        softroi.com
score SOFTROI           4

# don 2008-02-23
body FILEZONE           /(file-zone.co.uk|File-Zone)/
describe FILEZONE       File-Zone
score FILEZONE          2

# blarson 2008-02-28
body X2J1F              /\b2j1f\.com\b/i
descrIbe X2J1F          2j1f.com
score X2J1F             4

# blarson 2008-02-28
body ILVE               /\bilveant\.net\b/i
describe ILVE           www.ilveant.net
score ILVE              4

# don 2008-03-04
body  VIDEOFILBMS       /www\.videofilbms\.cn/i
describe VIDEOFILBMS    video filbms url
score    VIDEOFILBMS    4

# blarson 2008-03-05
body ABESOFT            /\bca.abesoft\.com\b/i
describe ABESOFT        www.cazabesoft.com etc.
score ABESOFT           4

# blarson 2008-03-06
body STARLEYT           /\bstarleyt\.com\b/i
describe STARLEYT       starleyt.com
score STARLEYT          4

# blarson 2008-03-07
body URLOEM             /\bhttp\:\/\/\{/
describe URLOEM         http://{urloem2}
score URLOEM            3

# blarson 2008-03-12
body WILDERGO           /\b(?:WilderGoLovan|golovable|BestGolova|SuperGolovaWorld)\.com\b/i
describe WILDERGO       WilderGoLovan.com
score WILDERGO          4

# don 2008-03-17
body PROGOLD            /\bprogold-inc\.com\b/i
describe PROGOLD        progold-inc.com
score PROGOLD           4

# blarson 2008-03-18
body KMINU              /\b(?:kminutte|rubstream)\.com\b/i
describe KMINU          kminutte.com
score KMINU             4

# don 2008-03-19
body SCIJOURNALS        /\bsciencejournals\.info\b/i
describe SCIJOURNALS    scientific journals
score SCIJOURNALS       4

# blarson 2008-03-19
body JANEHOT            /\bjane\d[\w\d]*\@hotmail\.com\s*$/
describe JANEHOT        jane*@hotmail.com
score JANEHOT           3

# blarson 2008-03-20
rawbody BIFUTRA         /\b(?:bifutra|veriapoli|xenifeao|toporaig|jieros|bifreca|werikine|incroomise|genbullenst|writeprovide)(?:\.|\=2E)com\b/
describe BIFUTRA        spammer web sites
score BIFUTRA           4

# don 2008-04-02
body LONGLINEURL        /^.{55,}\S\shttp:\/\/www\.\w+\.(?:com|net|org)\/\s*$/
describe LONGLINEURL    long line ending in a simple url
score LONGLINEURL       2

# don 2008-04-07
uri MYTHANKYOUURI       /www\.mythankyou\.com/i
describe MYTHANKYOUURI  www.mythankyou.com
score MYTHANKYOUURI     5

# blarson 2008-04-09
uri SAMEAS              /\bsupersameas\.com\b/
describe SAMEAS         supersameas.com
score SAMEAS            3

# blarson 2008-04-12
body URIEXE             /\bhttp:\S*\.exe\b/
describe URIEXE         .exe url
score URIEXE            3

# blarson 2008-04-24
uri SANSATION           /\b(?:sansationel|garmenys|iconaliste)\.com\b/i
describe SANSATION      sansationel.com
score SANSATION         4

# blarson 2008-05-04
body EQMEDS             /\beqmeds\b/i
describe EQMEDS         eqmeds
score EQMEDS            4

# blarson 2008-05-06
uri MYLIVE                      /\bmylivegi\b/i
describe MYLIVE         mylivegirlx.com
score MYLIVE            4

# don 2008-05-26
body BROKENURL          /^\s*www((\s+\.\s*)|(\s*\.\+))\S+((\s+\.\s*)|(\s*\.\+))(com|net|org)\s*$/
describe BROKENURL      Broken url displayed
score BROKENURL         4

# don 2008-06-13
body STUPIDURL         /\w+\[\w+\](?:com|net|org)/
describe STUPIDURL     No one will guess that fooo[DOT]com is an URL!
score STUPIDURL        2.5

# blarson 2008-06-16
body SUGARCOM           /\b(?:indicatesugar|industryexpect|eset)\.com\b/
describe SUGARCOM       indicatesugar.com
score SUGARCOM          4

# blarson 2008-07-22
body VIEWMOVIE          /\/(?:(?:viewmovie|stream|watchit|topnews|hotnews|fresh|checkit|default|gowatch|showvideo|livestreaming|top|whatsup|tophot|lol|first|index1|1)\.html\b|(?:video|news2\/)\s*$)/
describe VIEWMOVIE      tabiloid style spam
score VIEWMOVIE         3

# blarson 2008-07-22
uri OPERAMAIL           /\bwww\.opera\.com\/mail\//
describe OPERAMAIL      opera.com mail
score OPERAMAIL         1

# blarson 2008-08-09
body NOSITE             /http:\/\/\//
describe NOSITE         http URL with no site
score NOSITE            2

# don 2008-09-04
uri TIECORRECT          /tiecorrect\.com/
describe TIECORRECT     Contains a tiecorrect.com uri
score TIECORRECT        4

# don 2009-02-04
body FOURMINUTI         /4minuti/
describe FOURMINUTI     Spam from 4 minuti
score FOURMINUTI        3

# don 2009-02-09
uri CREDITREPORTURI     /creditreport/
describe CREDITREPORTURI Credit report in the url isn't good
score CREDITREPORTURI    2

uri YAARIURI             /yaari.com/i
describe YAARIURI        Contains a yaari.com uri
score YAARIURI           3

uri MALADIRET            /maladiretaemails/
describe MALADIRET       Contains a maladiret uri
score MALADIRET          5

uri DEBRICOLAJE          /debricolaje/i
describe DEBRICOLAJE     Contains a debricolaje url
score DEBRICOLAJE        6

# blarson 2009-05-02
uri     ISUISSE         /\bisuisse\.com/
describe ISUISSE        isuisse.com
score ISUISSE           4

# formorer 2010-01-23
header LEXCHANGE        subject =~ /(?:for|4)\s+L[i1]nks?\s+E?xcha?nge/i
describe LEXCHANGE      ask for link exchange
score LEXCHANGE         4

# don 2010-03-16
uri EMAILSPARKLE        /emailsparkle.com/
describe EMAILSPARKLE   emailsparkle.com uri
score EMAILSPARKLE      4

# don 2011-10-3
uri MULTIPLYCOM         /multiply.com/
describe MULTIPLYCOM    multiply.com uri
score MULTIPLYCOM       3

# don 2012-1-9
uri OROUNRU             /oruon.ru/
describe OROUNRU        oruon.ru uri
score OROUNRU           4

# formorer 2012-02-28
header VOTREANN     Subject =~ /(votre|Petites) announce/i
score VOTREANN      4

1	# -- mode: spamassassin --
2	# joy, 2003-06-29
3	body ORIENTSKY /orient-sky\.com/
4	describe ORIENTSKY Japanese spam
5	score ORIENTSKY 4
6
7	# joy, 2003-07-06
8	body PACHETES /www\.pachetes\.com/
9	describe PACHETES Spanish spam
10	score PACHETES 4
11
12	# cjwatson, 2003/07/12
13	body NO_MORE_ACCENT /www\.no-more-accent\.com/
14	describe NO_MORE_ACCENT No More Accent spam
15	score NO_MORE_ACCENT 4
16
17	# joy, 2003-08-15
18	header FETHARD Subject =~ /fethard.biz/i
19	describe FETHARD Spam from Fethard.biz
20	score FETHARD 4
21
22	# joy, 2003-10-21, 2003-10-31
23	body PHARMACYSPAM3 /http:\/\/www\.rx(salenow\|ville)\.biz/i
24	describe PHARMACYSPAM3 pharmacy spam 3
25	score PHARMACYSPAM3 4
26
27	# cjwatson, 2004-01-13
28	# blarson, any number 2004-04-01
29	# blarson, more ajustmets 2004-04-03
30	body HREF_NNNN /www\.\d{3,5}hosting\.com/
31	describe HREF_NNNN www.NNNNhosting.com spam
32	score HREF_NNNN 3
33
34	# cjwatson, 2004-02-16
35	body SOCCER_MOMS /www\.soccer-moms\.biz/
36	describe SOCCER_MOMS Porn spam
37	score SOCCER_MOMS 4
38
39	# cjwatson, 2004-02-22
40	body MRSM_TILO /mrsm-tilo\.com/
41	describe MRSM_TILO Medical spam
42	score MRSM_TILO 4
43
44	# cjwatson, 2004-02-27
45	body FAST_ACTING /fast-acting\.com/
46	describe FAST_ACTING Viagra spam
47	score FAST_ACTING 4
48
49	# blarson 2004-04-04
50	body COMCLICKPH /com-click\.com\.ph/
51	describe COMCLICKPH PH spam gang
52	score COMCLICKPH 4
53
54	# blarson 2004-05-01
55	body MEDS675 /(675meds\|medsarergreat)\.com/i
56	describe MEDS675 More drug spam
57	score MEDS675 3
58
59	# blarson 2004-04-30
60	body ERHOME /erhome\.com/i
61	describe ERHOME loan spammer
62	score ERHOME 3
63
64	# blarson 2005-04-27
65	body CANDYHOS /\.(?:candyhos\.com\|(?:mycountry\|polty\|make4u)\.cc\|puchiphoto\.org\|purepure\.org)\//i
66	describe CANDYHOS spams from korea, hosts in japan
67	score CANDYHOS 5
68
69	# blarson 2005-12-08
70	# don 2007-11-21 -- combine other rule; increment score
71	# don 2009-02-17 -- increase score even more; ditch http
72	uri GEOCITIES /geocities/i
73	describe GEOCITIES geocities uri
74	score GEOCITIES 3
75
76	# blarson 2005-12-24
77	body EMPTYURL /\bhttp:\/\/(?:www\.)?$/i
78	describe EMPTYURL empty URL
79	score EMPTYURL 1.5
80
81	# blarson 2006-02-06
82	body AMPRO /www\.amateurprovideo\.info/i
83	describe AMPRO bug submitting spammer
84	score AMPRO 5
85
86	# blarson 2007-04-03
87	body IMAGESHACK /\/img\d+\.imageshack\.us\//i
88	describe IMAGESHACK shack attack
89	score IMAGESHACK 3.5
90
91
92	# dla 2007-04-03
93	header MSOUTLOOK x-mailer =~ /Microsoft\s+Outlook/i
94	describe MSOUTLOOK Microsoft Outlook
95	score MSOUTLOOK 0
96
97	meta SHACKOUTLOOK IMAGESHACK && MSOUTLOOK
98	describe SHACKOUTLOOK shack'ed to outlook
99	score SHACKOUTLOOK 2
100
101	# blarson 2007-04-09
102	body UNSUBG /\bwww\.guiaartistica\.com\.ar\b/
103	describe UNSUBG spamming bts with unsubscribe messages
104	score UNSUBG 14
105
106	# blarson 2007-05-14
107	body IMGCLOSET /\bhttp\:\/\/.*\b((image(closet\|thrust\|hosting)\|mypicshare\|tinypic\|fileanchor\|imgspot)\.com\|bilder-hosting\.de\|saunalahti\.fi\|upload2\.net\|imagehost\.ro)\b/i
108	describe IMGCLOSET closet spammer
109	score IMGCLOSET 3.5
110
111	# blarson 2007-05-17
112	body TROUBLEDE /\bhttp\:\/\/www\.TroubleAgent\.de\b/
113	describe TROUBLEDE troubleagent.de spam
114	score TROUBLEDE 3.5
115
116	# don 2007-05-24
117	body BESTLOANS /www.bestmortloans.com/i
118	describe BESTLOANS Best loans url
119	score BESTLOANS 2
120
121	# blarson 2007-07-22 2007-09-12
122	body PENPRO /\@(?:penmailpro\|OnsetIng\|openprotection\|NearOut\|SuperOnset\|medicalgloveonline\|YourOnset\|GreatGloveCell\|thegloveworks\|asiafriendworld\|NaturalImprove\|charmshine\|healthinsweb)\.info\b/i
123	describe PENPRO penmailpro spam
124	score PENPRO 3.5
125
126	# blarson 2007-09-05 2007-09-11 2009-04-12
127	body WWWCN /\b(?:www\.\|https?\:.*)(\w\|-\|\.)+\.cn\b/i
128	describe WWWCN chinese web site
129	score WWWCN 3
130
131	# cjwatson, 2002/04/04
132	body EMAILOFFER /www\.emailoffer\.us/
133	describe EMAILOFFER Gibberish HTML spammers
134	score EMAILOFFER 4.0
135
136	# cjwatson, 2002/04/08
137	body JUSTYAK /www\.JustYak\.com/
138	describe JUSTYAK JustSpam
139	score JUSTYAK 4.0
140
141	# blarson 2007-09-10
142	body SIZMATZ /\bsize-matterz\.com\b/i
143	describe SIZMATZ size matterz
144	score SIZMATZ 3
145
146	# blarson 2007-09-10
147	body EMAGX /\bhttp\:\/\/emagx\.net\b/i
148	describe EMAGX wondercum spammer
149	score EMAGX 3.5
150
151	# blarson 2007-09-13
152	body FREENFL /\bhttp\:\/\/freeNFLtracker\.com\b/i
153	describe FREENFL nfl spam
154	score FREENFL 3
155
156	# blarson 2007-09-13
157	body SPAMARREST /\bhttp\:\/\/www\.spamarrest\.com\b/
158	describe SPAMARREST forwards thier spam problem
159	score SPAMARREST 4
160
161	# blarson 2007-09-14
162	body FROMAD /\bhttp\:\/\/(?:budhipps\|fromad\|conavel\|cliensy\|comnoe\|mybudshop)\.com\b/i
163	describe FROMAD more penis spam
164	score FROMAD 4
165
166	# blarson 2007-09-17
167	body MYCHEAP /\b(?:my)?cheap(?:xp\|adobe)?(?:oem\|soft)+(?:now\|ware)?(?:(?:4\|for)?less)?\d\s\.\s*com\b/i
168	describe MYCHEAP software spam
169	score MYCHEAP 4
170
171	# blarson 2007-09-16
172	body WWWRU /\b(?:www\.\|https?\:.*)\w+\.ru\b/i
173	describe WWWRU russian web site
174	score WWWRU 2
175
176	# blarson 2007-09-24
177	body VIPSMS /\bvipsms\.org\b/i
178	describe VIPSMS vipsms.org
179	score VIPSMS 4
180
181	# don 2007-10-01
182	header MAKEUP subject =~ /makeup\.com/i
183	describe MAKEUP makeup.com url
184	score MAKEUP 3
185
186	# blarson 2007-10-04
187	body SUBT /\bsubtracthold\.com\b/i
188	describe SUBT subtracthold.com
189	score SUBT 4
190
191	body GRAPHICMAIL /\bhttp\:\/\/www\.graphicmail\.de\b/i
192	describe GRAPHICMAIL graphicmail.de
193	score GRAPHICMAIL 4
194
195
196	body WWWRO /\b(?:www\.\|https?\:.*)\w+\.ro\b/i
197	describe WWWRO romanian web site
198	score WWWRO 2
199
200	# blarson 2007-10-10
201	body CLEANDOM /http\:\/\/\{_clean_domains\}/
202	describe CLEANDOM broken spamware
203	score CLEANDOM 4
204
205	# blarson 2007-10-11
206	body SOFTNLSE /\bsoftnlse\s\.\scom\b/i
207	describe SOFTNLSE softnlse.com
208	score SOFTNLSE 4
209
210	# blarson 2007-10-13
211	body MUSVID /\b(?:MusicAndVideoWorld\|usa-bestsellers)\.com/i
212	describe MUSVID MusicAndVideoWorld.com
213	score MUSVID 4
214
215	# blarson 2007-10-16
216	body PLATSOFT /\btheplatinumsoft\.com\b/i
217	describe PLATSOFT theplatinumsoft.com
218	score PLATSOFT 4
219
220	# blarson 2007-10-22
221	body BLOGSPOT /\bblogspot\.com\b/i
222	describe BLOGSPOT spammers are hosting on blogspot
223	score BLOGSPOT 3
224
225	# blarson 2007-10-25
226	body PILLUS /PILL-US\.COM\b/i
227	describe PILLUS PILL-US spam
228	score PILLUS 4
229
230	# blarson 2007-10-25
231	body BETWEENTO /\bhttp\:\/\/betweento\.com\b/i
232	describe BETWEENTO betweento.com
233	score BETWEENTO 4
234
235	# don 2007-10-25
236	body MASZON /mc?a(szon\|yvidol\|ttk)\.(com\|org\|net)/i
237	describe MASZON pron spam
238	score MASZON 4
239
240
241	# blarson 2007-10-27
242	body GMAIL /\@gmail\.com\b/i
243	describe GMAIL @gmail.com
244	score GMAIL 1
245
246	# blarson 2007-10-28
247	body MAILRU /\@mail\.ru\b/i
248	describe MAILRU @mail.ru
249	score MAILRU 3
250
251	# blarson 2007-10-31
252	body ADOBE4LESS /\b(?:adobe4less\|realnewsoft\|newmicrosoftdeals\|kvaka-soft)\s[.,]\scom\b/i
253	describe ADOBE4LESS adobe4less . com
254	score ADOBE4LESS 4
255
256	# blarson 2007-11-01
257	body RMAPPLY /http\:\/\/rmapply\.com\b/i
258	describe RMAPPLY http://rmapply.com
259	score RMAPPLY 4
260
261	# blarson 2007-11-04
262	header HANOIFASH subject =~ /WWW\.HANOI-FASHION\.COM/i
263	describe HANOIFASH WWW.HANOI-FASHION.COM
264	score HANOIFASH 4
265
266	# blarson 2007-11-06
267	body ONLINEMED /\b(?:onlinemedicalkey\|pharm\w\|webvinz\|wendebay\|webdcd\|vowelstep\|wclth\|duringgear\|broadbasic\|instantsuffix\|magnetdouble\|drugsdirecteat)\s\.\s*com\b/i
268	describe ONLINEMED onlinemedicalkey.com
269	score ONLINEMED 4
270
271	# blarson 2007-11-15
272	body GETUP /\bgetupgradednow\.com\b/i
273	describe GETUP getupgradednow.com
274	score GETUP 4
275
276	# blarson (pusling's idea) 2007-11-16
277	body SPACECOM /^[\w\d]+\s\.\scom\b/
278	describe SPACECOM whatever . com
279	score SPACECOM 3
280
281	# don -- flowgoaway.com doesn't appear to be a working RBL anymore (if it ever was?)
282	# blarson 2007-11-20
283	# uridnsbl URIBL_FLO flowgoaway.com. A
284	# body URIBL_FLO eval:check_uridnsbl('URIBL_FLO')
285	# describe URIBL_FLO web site in flowgoaway.com
286	# tflags URIBL_FLO net
287	# score URIBL_FLO 1
288
289	# blarson 2007-11-20
290	body SOFTROU /\bwww\.softrou\.com\b/i
291	describe SOFTROU www.softrou.com
292	score SOFTROU 3
293
294	# blarson 2007-11-20
295	body GOOGLEPAGES /\bgooglepages\.com\b/i
296	describe GOOGLEPAGES spammers use googlepages
297	score GOOGLEPAGES 2
298
299	# blarson 2007-12-07
300	body SOFTBESTGRAND /\bsoft(?:bestgrand\|wareonlinemuch)\.com\b/
301	describe SOFTBESTGRAND softbestgrand.com
302	score SOFTBESTGRAND 4
303
304	# blarson 2007-12-10
305	body PCSOFTCHEAP /\b(?:pcsoftcheap\|cheapezsoft\|cheapsoftxp\|adobe4cheap\|phonowa\|saleonsoftware\|bestdealoem\|realcheapsoft\|krasniyles\|cheapxp4pc\|supercheapoem\|lowpriceoem\|realcheapoem\|cheapadobedeal\|softwarefoundation\|2008oem\|xpxmas\|cheap2008soft\|snowysoftware\|2008adobe\|adobe2008\|cheapgetsoftone\|x(?:higher\|main\|prime)(?:soft\|software\|easy)\|softonlinepc\|andsoftware\|softonlinedownload\|kunchakoem\|erhere\w\|kiroemch\|phonowd\|cheap(?:soft\|oem\|software)here\|softwarenowprox\|xprosoftonlinedl\|siniyglaz\|popandosoem\|xsoftprodepot\|triudava\|krasniynos\|fastsoftnow\|cheapeasy(soft\|oem\|software)\|ezadobenow\|softnowpromohere\|primenetsofthe\|nowinstantsoftieq\|isktesoft\|best(?:oem\|soft\|software)2008\|new2008(?:soft\|oem\|software)\|fastez(?:soft\|oem\|software)\|ezfast(?:oem\|soft\|software)\|2008(?:micro)?softdeals\|oemfactorysale\|nbuysoft\|softnuhere\|softsale2008\|softwintersale\|blatnoyoem\|svedsoft\|gsxoempromo\|getmicrosoftfast\|adobeoemsale\|xp4(?:cheap\|less)\|xpoemnow\|buycheapxp\|alloem4less\|lun(?:soft\|oem\|software)\|(?:new\|fast)xp(?:soft\|oem\|software)\|frukanoka\|softcheap(?:n[eo]w\|xp)\|adobe(?:web\|blog\|new)(?:soft\|spot\|deal))\s?\.\s?(?:com\|net)\b/
306	describe PCSOFTCHEAP pcsoftcheap. com
307	score PCSOFTCHEAP 4
308
309	# blarson 2007-12-11
310	body GOLDGAME /\b(?:gamblingplacegold\|goldgamesite\|topgamingsite\|richbestgaming\|luxgoldgaming)\.(?:net\|com)\b/
311	describe GOLDGAME gambling sites
312	score GOLDGAME 4
313
314	# blarson 2007-12-14
315	body ENLARGETW /\b(?:enlarge\|0rz)\.tw\b/
316	describe ENLARGETW enlarge.tw
317	score ENLARGETW 4
318
319	# blarson 2007-12-15
320	body POSTTHROUGH /\b(?:postthrough\|speedgrand\|certaincoast)\.com\b/
321	describe POSTTHROUGH postthrough.com
322	score POSTTHROUGH 4
323
324	# blarson 2007-12-25
325	body UHAVE /\b(?:uhavepost\|happy(?:santa)?\|newyear\|familypost\|fresh\|post)cards?-?(?:2008)?\.com\b/
326	describe UHAVE uhavepostcard.com
327	score UHAVE 4
328
329	# blarson 2007-12-26
330	body RUSSWIFE /\b(?:your\|best\|new\|the\|my)(?:russ[il]an?\|address\|russ)(?:wife\|bride)\.info\b/
331	describe RUSSWIFE yourrussianwife.info
332	score RUSSWIFE 4
333
334	# blarson 2007-12-31
335	body HAPPY2008 /\b(?:happy2008toyou\|hellosanta2008\|hohoho2008\|santawishes2008)\.com\b/
336	describe HAPPY2008 happy2008toyou.com
337	score HAPPY2008 4
338
339	# blarson 2008-01-02
340	body BONGHIT /\b(?:beaverbonghits\|dobongworld)\.com\b/
341	describe BONGHIT beaverbonghits.com
342	score BONGHIT 4
343
344	# blarson 2008-01-02
345	body GOOGLESEARCH /\bgoo+gle\.(com\|\w\w\|com?\.\w\w)\/+(?:search\|pagead)/i
346	describe GOOGLESEARCH google search URL
347	score GOOGLESEARCH 2
348
349	# blarson 2008-01-02
350	body SIGAS /\b(?:Sigashash\|Reelhotsi\|Erisgoonti\|Erisgoners\|Freesignsies\|Rielhotties\|Foredroons\|Feeshoons\|Erisgant\|hapburge\|wuimooed\|jiuezdoo\|goingoinghom\|buloies\|Poeshages\|Rueshabesoo\|clitoriseries\|clitorina\|glueplot\|crumbtost\|ideaputs)(?:\.\|\=2E)com\b/
351	describe SIGAS www.Sigashash.com
352	score SIGAS 4
353
354	# blarson 2008-01-05
355	body RUSSIABRIDE /\bruss[il]an?(bride\|wife)(?:home\|live\|blog\|)\.info\b/
356	describe RUSSIABRIDE russiabridehome.info
357	score RUSSIABRIDE 4
358
359	# blarson 2008-01-14
360	body REDMEHS /\bwww\.(?:redmehs\|feltas\|barataslo\|quasibot\|tageshes\|flessimo\|spendhope\|instrumentstart)\b/
361	describe REDMEHS www.redmehs
362	score REDMEHS 4
363
364	# blarson 2008-01-15
365	body MYURL /\bmyurl\.com\.tw\b/i
366	describe MYURL myurl.com.tw
367	score MYURL 3
368
369	# blarson 2008-01-28
370	body W0MEN /w0men\.info\b/i
371	describe W0MEN hotw0men.info ukrw0men.info
372	score W0MEN 3
373
374	# blarson 2008-01-29
375	body ACEMST /\bacemst\.com\b/
376	describe ACEMST acemst.com
377	score ACEMST 3
378
379	# blarson 2008-02-01
380	body GALSINFO /\b(?:foreigngals\|californiaimprove)\.info\b/i
381	describe GALSINFO foreigngals.info
382	score GALSINFO 3
383
384	# blarson 2008-02-06
385	body RIDGEST /\bridgest\.com\b/
386	describe RIDGEST ridgest.com
387	score RIDGEST 4
388
389	# blarson 2008-02-16
390	body SOFTROI /\bsoft(?:roi\|ove)\.com\b/
391	describe SOFTROI softroi.com
392	score SOFTROI 4
393
394	# don 2008-02-23
395	body FILEZONE /(file-zone.co.uk\|File-Zone)/
396	describe FILEZONE File-Zone
397	score FILEZONE 2
398
399	# blarson 2008-02-28
400	body X2J1F /\b2j1f\.com\b/i
401	descrIbe X2J1F 2j1f.com
402	score X2J1F 4
403
404	# blarson 2008-02-28
405	body ILVE /\bilveant\.net\b/i
406	describe ILVE www.ilveant.net
407	score ILVE 4
408
409	# don 2008-03-04
410	body VIDEOFILBMS /www\.videofilbms\.cn/i
411	describe VIDEOFILBMS video filbms url
412	score VIDEOFILBMS 4
413
414	# blarson 2008-03-05
415	body ABESOFT /\bca.abesoft\.com\b/i
416	describe ABESOFT www.cazabesoft.com etc.
417	score ABESOFT 4
418
419	# blarson 2008-03-06
420	body STARLEYT /\bstarleyt\.com\b/i
421	describe STARLEYT starleyt.com
422	score STARLEYT 4
423
424	# blarson 2008-03-07
425	body URLOEM /\bhttp\:\/\/\{/
426	describe URLOEM http://{urloem2}
427	score URLOEM 3
428
429	# blarson 2008-03-12
430	body WILDERGO /\b(?:WilderGoLovan\|golovable\|BestGolova\|SuperGolovaWorld)\.com\b/i
431	describe WILDERGO WilderGoLovan.com
432	score WILDERGO 4
433
434	# don 2008-03-17
435	body PROGOLD /\bprogold-inc\.com\b/i
436	describe PROGOLD progold-inc.com
437	score PROGOLD 4
438
439	# blarson 2008-03-18
440	body KMINU /\b(?:kminutte\|rubstream)\.com\b/i
441	describe KMINU kminutte.com
442	score KMINU 4
443
444	# don 2008-03-19
445	body SCIJOURNALS /\bsciencejournals\.info\b/i
446	describe SCIJOURNALS scientific journals
447	score SCIJOURNALS 4
448
449	# blarson 2008-03-19
450	body JANEHOT /\bjane\d[\w\d]\@hotmail\.com\s$/
451	describe JANEHOT jane*@hotmail.com
452	score JANEHOT 3
453
454	# blarson 2008-03-20
455	rawbody BIFUTRA /\b(?:bifutra\|veriapoli\|xenifeao\|toporaig\|jieros\|bifreca\|werikine\|incroomise\|genbullenst\|writeprovide)(?:\.\|\=2E)com\b/
456	describe BIFUTRA spammer web sites
457	score BIFUTRA 4
458
459	# don 2008-04-02
460	body LONGLINEURL /^.{55,}\S\shttp:\/\/www\.\w+\.(?:com\|net\|org)\/\s*$/
461	describe LONGLINEURL long line ending in a simple url
462	score LONGLINEURL 2
463
464	# don 2008-04-07
465	uri MYTHANKYOUURI /www\.mythankyou\.com/i
466	describe MYTHANKYOUURI www.mythankyou.com
467	score MYTHANKYOUURI 5
468
469	# blarson 2008-04-09
470	uri SAMEAS /\bsupersameas\.com\b/
471	describe SAMEAS supersameas.com
472	score SAMEAS 3
473
474	# blarson 2008-04-12
475	body URIEXE /\bhttp:\S*\.exe\b/
476	describe URIEXE .exe url
477	score URIEXE 3
478
479	# blarson 2008-04-24
480	uri SANSATION /\b(?:sansationel\|garmenys\|iconaliste)\.com\b/i
481	describe SANSATION sansationel.com
482	score SANSATION 4
483
484	# blarson 2008-05-04
485	body EQMEDS /\beqmeds\b/i
486	describe EQMEDS eqmeds
487	score EQMEDS 4
488
489	# blarson 2008-05-06
490	uri MYLIVE /\bmylivegi\b/i
491	describe MYLIVE mylivegirlx.com
492	score MYLIVE 4
493
494	# don 2008-05-26
495	body BROKENURL /^\swww((\s+\.\s)\|(\s\.\+))\S+((\s+\.\s)\|(\s\.\+))(com\|net\|org)\s$/
496	describe BROKENURL Broken url displayed
497	score BROKENURL 4
498
499	# don 2008-06-13
500	body STUPIDURL /\w+\[\w+\](?:com\|net\|org)/
501	describe STUPIDURL No one will guess that fooo[DOT]com is an URL!
502	score STUPIDURL 2.5
503
504	# blarson 2008-06-16
505	body SUGARCOM /\b(?:indicatesugar\|industryexpect\|eset)\.com\b/
506	describe SUGARCOM indicatesugar.com
507	score SUGARCOM 4
508
509	# blarson 2008-07-22
510	body VIEWMOVIE /\/(?:(?:viewmovie\|stream\|watchit\|topnews\|hotnews\|fresh\|checkit\|default\|gowatch\|showvideo\|livestreaming\|top\|whatsup\|tophot\|lol\|first\|index1\|1)\.html\b\|(?:video\|news2\/)\s*$)/
511	describe VIEWMOVIE tabiloid style spam
512	score VIEWMOVIE 3
513
514	# blarson 2008-07-22
515	uri OPERAMAIL /\bwww\.opera\.com\/mail\//
516	describe OPERAMAIL opera.com mail
517	score OPERAMAIL 1
518
519	# blarson 2008-08-09
520	body NOSITE /http:\/\/\//
521	describe NOSITE http URL with no site
522	score NOSITE 2
523
524	# don 2008-09-04
525	uri TIECORRECT /tiecorrect\.com/
526	describe TIECORRECT Contains a tiecorrect.com uri
527	score TIECORRECT 4
528
529	# don 2009-02-04
530	body FOURMINUTI /4minuti/
531	describe FOURMINUTI Spam from 4 minuti
532	score FOURMINUTI 3
533
534	# don 2009-02-09
535	uri CREDITREPORTURI /creditreport/
536	describe CREDITREPORTURI Credit report in the url isn't good
537	score CREDITREPORTURI 2
538
539	uri YAARIURI /yaari.com/i
540	describe YAARIURI Contains a yaari.com uri
541	score YAARIURI 3
542
543	uri MALADIRET /maladiretaemails/
544	describe MALADIRET Contains a maladiret uri
545	score MALADIRET 5
546
547	uri DEBRICOLAJE /debricolaje/i
548	describe DEBRICOLAJE Contains a debricolaje url
549	score DEBRICOLAJE 6
550
551	# blarson 2009-05-02
552	uri ISUISSE /\bisuisse\.com/
553	describe ISUISSE isuisse.com
554	score ISUISSE 4
555
556	# formorer 2010-01-23
557	header LEXCHANGE subject =~ /(?:for\|4)\s+L[i1]nks?\s+E?xcha?nge/i
558	describe LEXCHANGE ask for link exchange
559	score LEXCHANGE 4
560
561	# don 2010-03-16
562	uri EMAILSPARKLE /emailsparkle.com/
563	describe EMAILSPARKLE emailsparkle.com uri
564	score EMAILSPARKLE 4
565
566	# don 2011-10-3
567	uri MULTIPLYCOM /multiply.com/
568	describe MULTIPLYCOM multiply.com uri
569	score MULTIPLYCOM 3
570
571	# don 2012-1-9
572	uri OROUNRU /oruon.ru/
573	describe OROUNRU oruon.ru uri
574	score OROUNRU 4
575
576	# formorer 2012-02-28
577	header VOTREANN Subject =~ /(votre\|Petites) announce/i
578	score VOTREANN 4
579