ok thanks, now that thats all clear i'm getting my domain spoofed and trying to stop the returns from the spoofed targets coming to my domain and then getting fwded to my default email account. my mail servers spam assassin tools are: blacklist_from required_score the only thing thats constant and identifiable in the returned header is a variation of the spoofed name like [EMAIL PROTECTED] in the header its the 'to:' data if this makes sense to anybody, i want to use spam asssassin functionality available to me as a mail service customer, to tell my mail service to drop any messages coming to my domain that are returns from other mail servers that have been spammed with a spoofed email address from my domain. the only thing thats constant enough in the messages is a variation of the spoofed name that always starts with say 'spoofname' and has some combo of letters after that and before the @. my dilema is the spam assassin tools available to me don't seem to be able to identify a wild card identifiable name in the 'to:' field, they only allow testing for the content of the "from;" if it can't be done, so be it, i'm just trying to figure out if its possible to block this stuff from getting to me. thanks
Matt Kettler-3 wrote: > > bbxrider wrote: >> i'm not familiar with the term file-glob-style-patterns, so my question >> is do >> * and ? work like traditional searching tools? >> > I don't know what you mean "searching tools", but it's the same patterns > used by any ordinary dos command prompt or unix shell. > > "globbing" is what the shell does to interpret things like "ls bayes*", > or on windows "dir bayes*", hence the term "file-glob-style-patterns". > >> for creating a blacklist_from entry, >> where [EMAIL PROTECTED] would block any email from domain.com that >> started with 'fakename' and had any number of characters after fakename >> and >> before @ >> where [EMAIL PROTECTED] would block any email from domain.com that >> started with 'fakename' and had any 3 characters following 'fakename' and >> before @, but only 3 characters no more no less >> > That is 100% correct. >> thanks bbxrider >> >> > > > -- View this message in context: http://www.nabble.com/use-of-*-and---in-blacklist_from-tf3874156.html#a10982745 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
