After some thinking and some questions (thanks Jim) I think I need to write
a test for my own special header, and if found, give the messages a negative
score.
How do I do this?
My headers typically look like:
HEADER_NAME: ID= [6_HEX_CHARS].[6_HEX_CHARS].SERVER_NAME,dns; localhost
(localhost [127.0.0.1]),uid NUMERIC_USER_ID_OF_SENDER
OR
HEADER_NAME: ID= [6_HEX_CHARS].[6_HEX_CHARS].SERVER_NAME,dns; HOSTNAME
([HOST_ADDR]),AUTH: LOGIN [EMAIL PROTECTED]
I think I need to do something like this and add it to the 20_head_test.cf
file?
Are there existing character classes? My PERL is REALLY rusty...
header MY_GOOD_HEADER =~ /^ID=[hex_digit]{6}:[hex_digit]{6}.SERVER_NAME,dns;
.....$/
describe MY_GOOD_HEADER Detected known good auth headers, so subtract from
score (-10)
Would I be better off keeping it shorter? Like:
header MY_GOOD_HEADER =~ /^ID=[hex_digit]{6}:[hex_digit]{6}.SERVER_NAME,dns;
/
Is there a way to make a rule whitelist instead of just subtracting from the
score? Is there a limit on how much I can subtract? I'm running 2.41... plan
on updating, but this is urgent...
Thanks a bunch in advance.
m/
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
