Many spam/pfishing emails are received that contain a hyperlink to documents on a consistent specific server of the form; https://<some_arbitrary_account.host.secureserver.net/<some_folder>/<some_subfolder>/<keyed_document...
If I write a rule to scan for this spam by looking for secureserver.net in the body of the email, the rule never finds the text that is imbedded in the hyperlink. I would like to see the body search engine function scan everything included in the body of the email including embedded hyperlink text.