Loren Wilton wrote:
This is completely untested, but something along these lines might work for
you.
header __BOGUS_SENDER From =~ /[EMAIL PROTECTED]/i
full __ATTACH_HDR /\nContent-Type\:.{0,100}\sname=\".{1,50}\.pps\"/is
meta BLOCK_STUPID_PPS __BOGUS_SENDER && __ATTACH_HDR
score BLOCK_STUPID_PPS 100
Of course, if this guy is SENDING, then this means you must be using SA to
scan OUTgoing mail as well as incoming?
It definitely worked! The user is outside the organisation so no
outgoing filtering is needed, just incoming.
A dot should be added before the TLD in the header test and it's fine.
Thanks Loren
