Hi,

What is the current state of the art for dealing with tricking people in
the From with the "Name" part? For example:

From: "supp...@example.com"<i...@air-compressor.ml>

The "Real Name" part is used to put a fake email address of the actual
domain (example.com would be my domain, or gmail.com or something other
than air-compressor.ml).

This has come up before[0], but at the time generic solutions seemed
problematic due to various false positives, or missing features in
spamassassin itself. I'm wondering what the current state is now.

I can do a relatively easy meta-rule for my domain, something like this,
but I'm not sure how well this would work, or if there are better
methods now:

# Display name (quoted part) contains an address at our domain
header __LOCAL_FROM_QUOTE_ISUS          From =~ /\".*\@example\.com\"/
# Address in angle brackets is not at our domain
header __LOCAL_FROM_CONTAIN_NOTUS       From !~ /<.*\@example\.com>/
meta TRICKY_FROM                        ((( __LOCAL_FROM_QUOTE_ISUS ) + ( __LOCAL_FROM_CONTAIN_NOTUS )) > 1)
describe TRICKY_FROM                    From has example.com in quotes, but not in path
score TRICKY_FROM                       5



0. https://www.mail-archive.com/users@spamassassin.apache.org/msg100800.html
-- 
        micah
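
An added example, not part of the original post: the same display-name check written as a standalone Python function, so the domain-specific rule can be compared with a generic "any domain" check on constructed From headers. The function name tricky_from, the protected parameter and all sample addresses are assumptions made for illustration.

```python
import re
from email.utils import parseaddr

# An address-looking token inside the display name; group 1 is its domain.
ADDR_IN_NAME = re.compile(r"[\w.%+-]+@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")


def _within(domain, parent):
    """True if domain equals parent or is a subdomain of it."""
    return domain == parent or domain.endswith("." + parent)


def tricky_from(from_value, protected=None):
    """Return the domain claimed in the display name when the real address
    is not at (or under) that domain, else None.

    protected: optional iterable of domains to defend (hypothetical
    parameter); None means any claimed domain is checked.
    """
    name, addr = parseaddr(from_value)
    if "@" not in addr:
        return None
    real = addr.rsplit("@", 1)[1].lower()
    for match in ADDR_IN_NAME.finditer(name):
        claimed = match.group(1).lower()
        if protected is not None and not any(_within(claimed, p) for p in protected):
            continue  # claimed domain is not one we defend
        if not _within(real, claimed):
            return claimed
    return None


# Constructed sample headers (not taken from real mail).
SAMPLES = [
    '"billing@example.com" <x1@sender.example.net>',     # name claims our domain
    '"billing@example.com"<x1@sender.example.net>',      # same, no space before <
    '"billing@example.com" <billing@example.com>',       # name and address agree
    '"Alice Example" <alice@sender.example.net>',        # no address in the name
    '"dave@example.org via announce" <announce@lists.example.net>',  # list rewrite
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(f"{value!r:70} own-domain={tricky_from(value, ['example.com'])} "
              f"generic={tricky_from(value)}")
```

The last sample is the kind of legitimate list-rewritten From that a generic check flags, while restricting the check to example.com leaves it alone.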
