debian_pkg-listmaster/spamassassin_config/common/drug_spam

# -*- mode: spamassassin -*-

# various drugs match these rules

# blarson, 2004-05-10 -> lists --pasc 04/05/11
body DRUGSPAM   /(\b|_|\d)(c.?(i|\?|\=ed|\xed).?a.?l.?[ig].?s|v.?(i|1|=ed|\xed|l).?(?:a|\@|\/\\).?g.?r.?(?:a|\@|\/\\)|v.?i.?c.?o.?d.?i.?n|h.?y.?d.?r.?o.?c.?o.?d.?o.?n.?e|[xz].?a.?n.?a.\?x|p.?r.?o.?z.?a.?c|hgh)(\b|_\d)/i
describe DRUGSPAM       drug spam 
score DRUGSPAM  3

# blarson, 2004-05-10 -> lists --pasc 04/05/11
header DRUGSPAM2        subject =~ /(\b|_|\d)(c.?(i|\?|\=ed|\xed).?a.?l.?[ig].?s|v\.?(i|1|=ed).?(?:a|\@|\/\\).?g.?r.?(?:a|\/\\)|v.?i.?c.?o.?d.?i.?n|h.?y.?d.?r.?o.?c.?o.?d.?o.?n.?e|\[xz].?a.?n.?a.?x|p.?r.?o.?z.?a.?c|hgh)(\d|\b|_)/i
describe DRUGSPAM2      more drug spam
score DRUGSPAM2         3

# More drugs! --pasc 2003-05-13 blarson 2007-09-12
body 		DRUGSPAM3	/\b(v.?i.?o.?x|x.?a.?n.?(a|@).?x|p.?h.?e.?n.?t.?r.?e.?m.?i.?n.?e|v.?i.?a.?g.?r.?a)/i
describe	DRUGSPAM3	yet more drugs
score		DRUGSPAM3	1.5

# blarson 2007-09-13
full		MURPHY_DRUGS1	/\bv.?i.?a+.?[gdk]+.?r+.?a+\b/i
describe	MURPHY_DRUGS1	Viagra
score		MURPHY_DRUGS1	1.5

body		MURPHY_DRUGS2	/v.?i.?o.?x/i
describe	MURPHY_DRUGS2	Viox
score		MURPHY_DRUGS2	0.5

body		MURPHY_DRUGS3	/F.?i.?o.?r.?i.?c.?e.?e.?t/i
describe	MURPHY_DRUGS3	Fioriceet
score		MURPHY_DRUGS3	0.5

body		MURPHY_DRUGS4	/P.?h.?e.?n.?t.?(r.?e|e.?r).?m.?i.?n.?e/i
describe	MURPHY_DRUGS4	Phentremine
score		MURPHY_DRUGS4	0.5

body		MURPHY_DRUGS5	/v.?a.?l.?i.?u.?m/i
describe	MURPHY_DRUGS5	Valium
score		MURPHY_DRUGS5	0.5

body		MURPHY_DRUGS6	/x.?(a|@).?n.?a.?x/i
describe	MURPHY_DRUGS6	Xanax
score		MURPHY_DRUGS6	0.5

body		MURPHY_DRUGS7	/v.?i.?c.?o.?d.?i.?n/i
describe	MURPHY_DRUGS7	Vicodin
score		MURPHY_DRUGS7	0.5

body		MURPHY_DRUGS8	/h.?y.?d.?r.?o.?c.?o.?d.?o.?n.?e/i
describe	MURPHY_DRUGS8	Hydrocodone
score		MURPHY_DRUGS8	0.5

body		MURPHY_DRUGS_REL1	/medication/i
score		MURPHY_DRUGS_REL1	0.5

body		MURPHY_DRUGS_REL2	/P.?r.?e.?s.?c.?r.?i.?p.?t.?i.?o.?n/i
score		MURPHY_DRUGS_REL2	0.5

body		MURPHY_DRUGS_REL3	/health product/i
score		MURPHY_DRUGS_REL3	0.5

body		MURPHY_DRUGS_REL4	/drug.*expensive/i
score		MURPHY_DRUGS_REL4	0.5

body		MURPHY_DRUGS_REL5	/p.?h.?a.?r.?m.?a.?c.?e.?u.?t.?i.?c.?a.?l/i
score		MURPHY_DRUGS_REL5	0.5

body		MURPHY_DRUGS_REL6	/formula/i
score		MURPHY_DRUGS_REL6	0.2

body		MURPHY_DRUGS_REL7	/dosing/i
score		MURPHY_DRUGS_REL7	0.2

body		MURPHY_DRUGS_REL8	/patch/i
score		MURPHY_DRUGS_REL8	0.02

body		MURPHY_DRUGS_REL9	/\bpills?\b/i
score		MURPHY_DRUGS_REL9	1

body		MURPHY_DRUGS_REL10	/bacteria/i
score		MURPHY_DRUGS_REL10	0.1

body		MURPHY_DRUGS_REL11	/antidote/i
score		MURPHY_DRUGS_REL11	0.1

meta		MURPHY_DRUGS_META1	(MURPHY_DRUGS1 + MURPHY_DRUGS2 + MURPHY_DRUGS3 + MURPHY_DRUGS4 + MURPHY_DRUGS5 + MURPHY_DRUGS6 + MURPHY_DRUGS7 + MURPHY_DRUGS8 + MURPHY_DRUGS_REL1 + MURPHY_DRUGS_REL2 + MURPHY_DRUGS_REL3 + MURPHY_DRUGS_REL4 + MURPHY_DRUGS_REL5 + MURPHY_DRUGS_REL9 + MURPHY_DRUGS_REL10 + MURPHY_DRUGS_REL11) > 1
score		MURPHY_DRUGS_META1	3.0

meta		MURPHY_DRUGS_META2	(MURPHY_DRUGS1 + MURPHY_DRUGS2 + MURPHY_DRUGS3 + MURPHY_DRUGS4 + MURPHY_DRUGS5 + MURPHY_DRUGS6 + MURPHY_DRUGS7 + MURPHY_DRUGS8 + MURPHY_DRUGS_REL1 + MURPHY_DRUGS_REL2 + MURPHY_DRUGS_REL3 + MURPHY_DRUGS_REL4 + MURPHY_DRUGS_REL5 + MURPHY_DRUGS_REL11 + MURPHY_DRUGS_REL10 + MURPHY_DRUGS_REL9) > 2
score		MURPHY_DRUGS_META2	4.0


meta		MURPHY_DRUGS_META3	(MURPHY_DRUGS_REL6 + MURPHY_DRUGS_REL7 + MURPHY_DRUGS_REL8 + MURPHY_DRUGS_REL9) > 1
score		MURPHY_DRUGS_META3	2.0

meta DRUGS_STOCK_MIMEOLE (__MIMEOLE_1106 && __MAILER_OL_5510)
header __MIMEOLE_1106   X-MimeOLE =~ /^Produced By Microsoft MimeOLE V6.00.2800.1106$/
header __MAILER_OL_5510 X-Mailer =~ /^Microsoft Office Outlook, Build 11.0.5510$/
describe DRUGS_STOCK_MIMEOLE Stock-spam forged headers found (5510)
score DRUGS_STOCK_MIMEOLE 3

# More penis enlargement --pasc 061012
body	M_BIGGER1 /gain \d inches/i
score	M_BIGGER1 5

# cjwatson, 2003/02/26
body AMAZINGHEALTHGROUP		/www\.amazinghealthgroup\.com/
describe AMAZINGHEALTHGROUP	Amazing Spam Group
score AMAZINGHEALTHGROUP	4.0

# joy, 2003-09-16
body PHARMACYSPAM1	/http:\/\/www.pharmacy[^\.]+.biz/i
describe PHARMACYSPAM1	pharmacy spam 1
score PHARMACYSPAM1	4

header PHARMACYSPAM2	Subject =~ /Best Discount Online Drugs/i
describe PHARMACYSPAM2	pharmacy spam 2
score PHARMACYSPAM2	4

# joy, 2003-11-09
body PRESCRIPTION	/prescription/i
describe PRESCRIPTION	pharmacy spam
score PRESCRIPTION	2

body PHARMACY		/pharmacy/i
describe PHARMACY	pharmacy spam
score PHARMACY		1

body FDAAPPROVEDB	/(USA?|FDA)( official)?[ -]approved/
describe FDAAPPROVEDB	US FDA approved pharmacy spam
score FDAAPPROVEDB	2

header FDAAPPROVEDS	Subject =~ /(USA?|FDA)( official)?[ -]approved/
describe FDAAPPROVEDS	US FDA approved pharmacy spam
score FDAAPPROVEDS	3

# cjwatson, 2004-01-16
body MYPILLSOURCE	/mypillsource\.com/
describe MYPILLSOURCE	mypillsource.com spam
score MYPILLSOURCE	4

# cjwatson, 2004-02-18
body HGH_PROVEN		/HGH is proven to help/
describe HGH_PROVEN	Yeah, sure
score HGH_PROVEN	3

# cjwatson, 2004-02-22
header CIALGS		Subject =~ /sug?per viagrga/
describe CIALGS		Viagra derivative spam
score CIALGS		4

# cjwatson, 2004-03-01, 2004-03-05
body LAY_THE_PIPE	/the next (chick|girl) you (screw|bang)/
describe LAY_THE_PIPE	Viagra spam
score LAY_THE_PIPE	4

# blarson 2004-04-13
body SPERM		/\bsperm/i
describe SPERM		fertility spam
score SPERM		3

# blarson 2005-06-04
header MED		subject =~ /\b(?:doctor|health|medic(?:al|ine))$/
describe MED		medical spam
score MED		2

# blarson 2006-09-25 2007-09-18
body HOODIA		/\bh.?oo+dia/i
describe HOODIA		weight loss scam
score HOODIA		3

# dla 2007-02-27
header	PHARRMACY	subject =~ /Can+adian\s+Fami+ly\s+Phar+macy/i
describe PHARRMACY	pharrmacy can't spell
score	PHARRMACY	3

# don 2007-05-20 
body MALEENHANCE	/male\s+enhan[c\(]e/i
describe MALEENHANCE	Enhanced males
score MALEENHANCE	2

# blarson 2007-05-20
body SIZEMAT		/\b(?:Does Size|size does) Matter\b/i
describe SIZEMAT	size matters spam
score SIZEMAT		2

# blarson 2007-08-30
body SIZEMAT		/\bsizematters\.cn\b/i
describe SIZEMAT	size matters
score SIZEMAT		4

# blarson 2007-06-19
body ENLARGEPL		/\benlargeplus\b/
describe ENLARGEPL	more penis spam
score ENLARGEPL		3

# blarson 2007-07-19
body PHYSCONS		/^After this we will require a physician consultation/
describe PHYSCONS	more php spam
score PHYSCONS		3


# blarson 2007-08-12
body GETABIG		/\bwww\.getabiggercock\.net\b/i
describe GETABIG	cock spam
score GETABIG		4

# blarson 2007-09-11
body PHYLET		/\bphysician (?:letter|questions?)\b/i
describe PHYLET		physician letter
score PHYLET		3.5

# blarson 2007-09-11
body PEN1S		/\bpen1s\b/i
describe PEN1S		pen1s
score PEN1S		3

# blarson 2007-09-12
body PILLS		/\bx\s+\d+\s+pills\b/
describe PILLS		pills spam
score PILLS		3.5

# blarson 2007-09-13
body PFIZER		/\bP\W?f\W?i\W?z\W?e\W?r\b/i
describe PFIZER		Pfizer
score PFIZER		3

# blarson 2007-09-19
body WONDERCUM		/\bwondercum\b/i
describe WONDERCUM	more drug spam
score WONDERCUM		4

# blarson 2007-09-21
body DRUGSTORE		/\bdrug store\b/i
describe DRUGSTORE	drug store
score DRUGSTORE		3

# zobel 2007-10-11
header LETACCOUNT	subject =~ /LET\:account,password,shop/i
describe LETACCOUNT	Random Let:account spam
score LETACCOUNT	7

# blarson 2007-10-16
body HGH		/\bh(?:uman)?g(?:rowth)?h(?:ormone)?\b/i
describe HGH		hgh
score HGH		2

# blarson 2007-10-23
body BRACKVIAG		/\b\[V(?:\]\w\[)?I(?:\]\w\[)?A(?:\]\w\[)?G(?:\]\w\[)?R(?:]\w\[)?A\]\b/i
describe BRACKVIAG	[viagra]
score BRACKVIAG		4

# blarson 2007-11-09
header PHARMORD		subject =~ /\bPharmacy\b.*\border\b/i
describe PHARMORD	Pharmacy order
score PHARMORD		4

# blarson 2007-11-12
body XTRASIZE		/\bXtra\s*Size\b/i
describe XTRASIZE	more penis spam
score XTRASIZE		2

# blarson 2007-11-14
header BIGORGAN		subject =~ /\b(?:macro|sizeable|bouffant|colossal|elephantin|largish|gargantuan|vast|ample|broad|huge|size|significant|oversized?|monolithic|hulky|voluminous|whopping|enormous|titanic|large|extended|bulky|humongous|outsize|puffy|prodigious|extended|sized|monstrous|wide|thumping|stupendous|gigantic|big|important|mountainous|immense|extended|plumping|tremendous|extensive|massive|sizable|conspicuous|prodigious|jumbo|monster|greatest|scale|immence|spacious|ranging|giant|biggish|outsized|whacking|fat|capacious|grand|intense|monumental|rangy|prominent|cosmic|bigger|muscular|obvious|overlarge|enlarged|super|larger|increase|stronger|sized?|your|great|longest|true|harder|tiny|small|gaining|ultimate|amazing|long|huge)\s+(?:body part|member|phallus|fuckstick|sc?hlong|d[il]c?\W?k|shaft|p\W?e\W?n[i!l]s|erectile|organ|c[o0]ck[s5]?|rods?|ejaculation|erections?|in\sgirth|one-eyed|penile|w[i1][l1]+y|magic wand|masculinity|PE|pleasure machine|herbal|stick|male|d\Wi\Wc\Wk|boner|pecker)\b/i
describe BIGORGAN		big body part
score BIGORGAN		3

# blarson 2007-12-02
header BKWORD		subject =~ /\b\{word\}\b/
describe BKWORD		{word}
score BKWORD		3

# blarson 2007-12-10
header MEDS		subject =~ /\bmed(?:ication)?s?\b/i
describe MEDS		meds
score MEDS		2

# blarson 2007-12-10
header STEROIDS		subject =~ /\bsteroids?\b/i
describe STEROIDS	steroids
score STEROIDS		3

# blarson 2007-12-11
header HEALTH		subject =~ /\bhealth\b/i
describe HEALTH		health
score HEALTH		0.2

# blarson 2007-12-18
body MEDS2		/\bmed\W?s?\b/
describe MEDS2		meds
score MEDS2		2

# blarson 2007-12-21
full VPXL		/\bVPXL\b/
describe VPXL		VPXL
score VPXL		3

# blarson 2007-12-22
full TRIBULUS		/\b(?:Tribulus terrestris|Albizzia lebbeck|Argyrerin speciosa|Valeriana wallichii|Soya protein)\b/i
describe TRIBULUS	Tribulus terrestris|Albizzia lebbeck
score TRIBULUS		3

# blarson 2007-12-24
body VITAMINE		/\bVitamin E\b/
describe VITAMINE	Vitamin E
score VITAMINE		3

# blarson 2007-12-24
full PENISSIZE		/\b(?:penis|dick|cock)\s+(?:size|enlargement|width|girth)\b/i
describe PENISSIZE	penis size
score PENISSIZE		3

# blarson 2007-12-24
full INVOICE		/\bPharmacy Invoice\b/i
describe INVOICE	Pharmacy Invoice
score INVOICE		3

# blarson 2008-01-01
header S_E_X		subject =~ /\bs\W?e\W?(?:x|[>)]\W?[<(])(?:\b|u)/i
describe S_E_X		s.e.x
score S_E_X		3

# blarson 2008-01-11
header EDSET		subject =~ /\bEDSET\b/
describe EDSET		EDSET
score EDSET		4

# blarson 2008-01-12
full CANADIAN		/\bCanadian.*pharmacy\b/i
describe CANADIAN	Canadian pharmacy
score CANADIAN		3

# blarson 2008-01-14
header INVOICE		subject =~ /\b(?:Invoice|order)\s+.?\s*\d+/i
describe INVOICE	invoice number
score INVOICE		3

# blarson 2008-02-02
header PHARMA		subject =~ /\bpharm/i
describe PHARMA		pharma
score PHARMA		2

# blarson 2008-02-18
full UITRAM		/\bUItram\b/i
describe UITRAM		UItram
score UITRAM		3

# blarson 2008-02-19
full ANTIED		/\banti(?:-|\s*)EDs?\b/i
describe ANTIED		anti-ED
score ANTIED		4

# blarson 2008-02-19
full BUYDRUGS		/\bbuydrugs\b/i
describe BUYDRUGS	buydrugs
score BUYDRUGS		4

# blarson 2008-02-21
body POPTHIS		/\bpop\s+this\b/i
describe POPTHIS	pop this
score POPTHIS		3

# blarson 2008-02-24
full BLUEPILL		/\bblue?.?(?:pil+|med)/i
describe BLUEPILL	blue pill
score BLUEPILL		3

# blarson 2008-02-26
full NAKEDWOM		/\bNaked\s*Wom[ae]n/i
describe NAKEDWOM	Naked Woman
score NAKEDWOM		2

# blarson 2008-02-26
full HERBALSUP		/\bherbal supplement/i
describe HERBALSUP	herbal supplement
score HERBALSUP		3

# blarson 2008-02-06
full VIA4		/viagra/i
describe VIA4		viagra in the middle of a word
score VIA4		3

# blarson 2008-03-14
full LEGALWEED		/\bLegal WEED\b/
describe LEGALWEED	 Legal WEED
score LEGALWEED		4

# blarson 2008-03-21
header PUSSY		subject =~ /\b\_?(?:pussy|cum|naked|g(?:-|\s*)?spot|nipple|manhood|one(?:-|\s+)eyed\s+monster|orgasm|breast|vibrator|p[e3]n[il]s|porno|Tittie|flaccid|shagging|stripping|hottie|orgasmic|capsule|climax|lace|horny|Pink|wet|foreplay|Playboy|playmate|bares|blowing|sucking|Embrace|courtship|love|bosom|exposed|freaky|motel|credit card|pleasure|Ejaculation|herba[l1]|dosage|\d+\s+mg|escort|Penetration|orgie|pecker|crotch|Pocket Rocket|Sports Illustrated|RAMBO|bees|Corpora Cavernosa|rod|luv|see-through|College|jetsetting|Shaven|1\d and|inches|lovemaking|bedroom|Purchase|kung fu|saucy|Buy|laid|Obama|dementia|No weight|pill|Pacify|screening|regret|brad pitt|undressed|freebie|Discount|wonderdrug|Rock|diet|racy|boob|ramming|Loving|bang|coming|tablet|customer|highs|limited edition|Shock attack|topless|CS\s*3|babe|kinky|clothes|bed(?:ding)?|fame|hurt her|LOTTERY|year old|hot action|Ladies man|\d+ inche?|creamy|Click Here|wicked|Shy|touch herself|Shopping|timepiece|Shop|Dealer|watches|luxury|flaunting|dressed|brand|Popular|bling|luxuries|order processing|hobbies|wealth|lucky|draw|thi\b|flesh|Bacheelor|Doctoraate|Exquisite|bottle|money|millionaire|price|famous|branded|Affordable|bucks|Grape Seed|Antioxidant|fashion|Antiox|Free Radical|wonder power|Paris Hilton|wrist|Pamper|Red hot|Nicolas Cage|sale|blood|scientist|sin|Steve Jobs|hot girl|Lordly|dosage|Prada|shoes|pilz|che+ap|babymaker|pornstar|chixx|shed|pound|Investment|E-gold|swagger|LNH|weener|shipping|billing|oem|PhD|university|accredited|degree|hi|from me|monster\.com|discreet|hey|Maxim|Erection|Webmaster|sell|Career|xxx\w*|medicine|medication|health|buying|Rx|pharm|medicinal|Perscription|debt|Cam|Medical|foto|Narcotic|meddiscount|crazy|japanese|Chat|babe|winner|sure cure|European|agency|vocanc(?:ie|y)|CareerBuilder|pilule|CorelDRAW|shag|cumming|Employer|jobseeker|NoPrescripiton|remedy|cheaper|SpaB|fedex|luksus)s?\_?\b/i
describe PUSSY		various spammy words in subject
score PUSSY		2

# blarson 2008-03-25
header FDA		subject =~ /\bFDA\b/
describe FDA		FDA
score FDA		3

# blarson 2008-09-05
body CANADIANRX		/\bCanadian(?:\s|_)+(?:Rx|med)/i
describe CANADIANRX	Canadian RxMedz
score CANADIANRX	4

# blarson 2009-06-19
# don da30 is a subtype of m68k; don't match it.
body MEDS35		/\b(?:meds?|shop|pill|gen|ca|via|cu|ko|me|ba|bu|ku|ma)\d\d\b/
describe MEDS35		meds35
score MEDS35		4