From: "Jeff Chan"
Not sure if this is a new type of spam or not:
Did this get flagged by SpamCopURI?
If not, the reason is likely to be that the URI
http://= www.ozone.fitch7826drug-MUNGED.us/d.ddd
contains a quoted-printable character (=).
That said, if urirhsbl or SpamCopURI limit the number of URIs checked, these could sneak through. A useful behavior might be to ignore any non-clickable anchors, if we're not already doing that.
I don't think there is *currently* any limit in SpamCopURI on number of URIs. It should parse all of the URIs.
Limiting to URIs which are clickable could be a useful improvement though to counter spammers that add lots of legitimate but non clickable URIs to email. This would reduce resource usage during processing and also reduce load on surbl servers.
John