On Fri, 9 Oct 2015, AK wrote:
On 20/09/15 03:07, Dave Funk wrote:
Notes:
1) Due to SA pre-processing collapsing body into one long line, cannot
match on '^' repeatedly, need to look for '\n' as line break indicator.
Find start of a line and then following repeats of ".\n"
Dave,
I've bee
On 10/9/2015 12:07 AM, AK wrote:
On 20/09/15 03:07, Dave Funk wrote:
Notes:
1) Due to SA pre-processing collapsing body into one long line,
cannot match on '^' repeatedly, need to look for '\n' as line break
indicator.
Find start of a line and then following repeats of ".\n"
Dave,
I've be
On 09/10/15 15:10, Kevin A. McGrail wrote:
Perhaps you'll have more luck looking at the debug output from SA
itself? Something like spamassassin -t -D < email.mbox 2>&1 | grep -i
RULE
Nope, no luck there either; did not see mention of my rule (though it's located
inside /etc/spamassassin/
On 10/9/2015 12:07 AM, AK wrote:
On 20/09/15 03:07, Dave Funk wrote:
Notes:
1) Due to SA pre-processing collapsing body into one long line,
cannot match on '^' repeatedly, need to look for '\n' as line break
indicator.
Find start of a line and then following repeats of ".\n"
Dave,
I've bee
On 20/09/15 03:07, Dave Funk wrote:
Notes:
1) Due to SA pre-processing collapsing body into one long line, cannot
match on '^' repeatedly, need to look for '\n' as line break indicator.
Find start of a line and then following repeats of ".\n"
Dave,
I've been creating my own regular expressi
On 20/09/15 03:07, Dave Funk wrote:
Notes:
1) Due to SA pre-processing collapsing body into one long line, cannot
match on '^' repeatedly, need to look for '\n' as line break indicator.
Find start of a line and then following repeats of ".\n"
Dave,
I need to see the mail message as spamassas
On 20/09/15 03:07, Dave Funk wrote:
Final note; now that we've discussed this spam sign, it will probably
become useless as spammers follow this list and mutate their crap
accordingly to dodge our rules. ;(
Awesome notes, Dave, thanks.
The tutorial really helped and it's all been added to
On 19 Sep 2015, at 10:51, AK wrote:
Hi all.
I'm getting hit with lots of JUNK mail that has multiple lines with
just a '.' on several lines [0]. Most of the JUNK email has at least
5 and at most 10 lines (so far) with just this '.' character somewhere
in the middle of the message.
I've co
On Sun, 20 Sep 2015, AK wrote:
[..snip..]
Still no joy after removal. However, at least the rule now hits if I
replace:
/(^\.\n){5,}/
with
/(^\.\n)*/
But that looks like it might bring about some FPs. Any other suggestions?
Do you realize that rule will -always- fire on -any- message?
T
On Sun, 20 Sep 2015, AK wrote:
Hi all.
I'm getting hit with lots of JUNK mail that has multiple lines with just a
'.' on several lines [0]. Most of the JUNK email has at least 5 and at most
10 lines (so far) with just this '.' character somewhere in the middle of the
message.
I've copied
On 20/09/15 01:30, Benny Pedersen wrote:
On September 19, 2015 4:52:30 PM AK wrote:
= Start Rule Block =
rawbody __MANY_PERIODS_1 ALL =~ /(^\.\n){5,}/
remove ALL =~, my own rawbody rules dont have it
Still no joy after removal. However, at least the rule now hits if I
replace:
Hello
If you using compiled rules you probably should use:
sa-compile command and restart (if use :) sa-spamd
Best Regards.
On September 19, 2015 4:52:30 PM AK wrote:
= Start Rule Block =
rawbody __MANY_PERIODS_1 ALL =~ /(^\.\n){5,}/
remove ALL =~, my own rawbody rules dont have it
13 matches
Mail list logo
