-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pursuing the goal of intelligently flagging spam which contains random strings of characters, I'm playing with methods of identifying strings that won't appear in normal email, and hopefully methods which will also exclude valid PGP signatures or encrypted PGP emails, and will also exclude valid web links with quasi-random directory/file names.
Proposed rule:
body RM_bl_ConsWord8 /\b[bcdfghjklmnpqrstvwxz]{8}\b/
describe RM_bl_ConsWord8 Body contains "word" of 8 consec consonants
score RM_bl_ConsWord8 0.01
Problem: SA appears to be matching this rule against emails where I think
it shouldn't. One example is attached. I have tried to find the matching
location for this regex in the attached email, and cannot. But SA thinks
it matched.
Can anyone help me see what I might be doing wrong?
Thanks.
Bob Menschel
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
iQA/AwUBPzWH65ebK8E4qh1HEQK/aACffu8ZY2+MtWPvtcL4BI+PRJ077k4AoP5v
grUMOdDf6T6ssSOCnViUxcnS
=RH3G
-----END PGP SIGNATURE-----
newtest.lst
Description: Binary data
