I have email coming to me in the following way. To: Fake Name <[EMAIL PROTECTED]>
In other words it has two words before the email address. Eventually I will make it so it searches the prefix name for letters not found in my name. However to start I just wanted to see if I could find two words before the email address. All reasoning tells me that the following should work but it does not. Im stumpted. The name has a space as indicated in my example.
header CM_BAD_NAM_PREFIX To =~ /[[:alnum:]]{1,10} [[:alpha:]]{1,10} (<name\@(domain|domain2))\.COM>/i
I have found that /[[:alpha:]]+ (<name\@(domain|domain2))\.COM>/i finds : To: Fred <[EMAIL PROTECTED]>
I thought searches didn't need to be anchored.
SA's searches are perl regular expressions. Regular expressions are inherently not anchored unless you use the ^ or $ to anchor one end or the other.
Besides, your first rule would fully match your first example so even if they were anchored it should have matched.
See if your second rule matches:
To: Test Fred <[EMAIL PROTECTED]>
as well as
To: Fred <[EMAIL PROTECTED]>Try ditching the extra set of parens. You're not doing backreferencing later so they are pointless:
/[[:alnum:]]{1,10} [[:alpha:]]{1,10} <name\@(domain|domain2)\.COM>/iAlso, be sure to run spamassassin --lint if you didn't already.. Perhaps there's a typo in one of your rules that's causing it to not be parsed.
