� ## Forged CAMI Header
� header�� __CLAIMS_FROM_CAMI��� From����� =~�� /[EMAIL PROTECTED]/i
� header�� __NOT_CAMI_IP�������� Received� !~�� /\[206\.252\.197\.\d+\]/
� meta���� FORGED_CAMI_RCVD����� (__CLAIMS_FROM_CAMI && __NOT_CAMI_IP)
� describe FORGED_CAMI_RCVD����� Forged CAMI Header
� score��� FORGED_CAMI_RCVD����� 10.000
Note that __NOT_CAMI_IP contains a negative operator and contains a regex matching all of my "legit" IP networks (pared down here for readability).
"legit" meaning "yours"?
and is that Received only looking at the top Received: header?
-- Oh and I could be a genius if I just put my mind to it And I, I could do anything if only I could get 'round to it.
smime.p7s
Description: S/MIME cryptographic signature
