ram wrote:
>>>
>>>
>> You don't do it as a "conditional" rule.. Any "conditional" rule
>> structured that way would be something like an ifplugin, which would
>> inhibit it from loading the rule when the file is read, before scanning
>> the message.
>>
>> To get the functionality you want, you'd use a meta rule instead..
>>
>> header __TO_CC_PHARMA_COMPANY ToCc =~ /[EMAIL PROTECTED]/i
>>
>> body __HAS_VWORD /viagra/
>>
>> meta ALLOW_MEDS ( __HAS_VWORD && __TO_CC_PHARMA_COMPANY)
>> score ALLOW_MEDS -2
>>
>>
>
> I am already doing this , But I see it does not scale
> This would work but every message that passes spamassassin would fo thru
> __HAS_VWORD even if it were not for pharmacompany.com
>
Yes. SA will run the __HAS_VWORD rule.
There's no way in spamassassin to on-the-fly disable rules during a
message scan, except the short-circuit feature.
> Now I have 2000 domain administrators and if all of them were allowed
> to use this "feature", I am sure my SA boxes will cry
>
Really? It's that bad to add a single, very simple, body regex? Have you
looked at how many body regexes the stock SA configuration runs? Have
you looked at how many are hundreds of times more complex, just by
themselves?
For example 20_drugs.cf contains:
body __DRUGS_ERECTILE1
/(?:\b|\s)[_\W]{0,3}(?:\\\/|V)[_\W]{0,3}[ij1!|l\xEC\xED\xEE\xEF][_\W]{0,[EMAIL
PROTECTED],3}[xyz]?[gj][_\W]{0,3}r[_\W]{0,[EMAIL
PROTECTED],3}x?[_\W]{0,3}(?:\b|\s)/i
And question, are you really trying to do this as a whitelist, or are
you trying to compensate for the score of one of the standard rules? If
you're trying to compensate for a standard rule, you can use it, rather
than your own... That way you're not adding any extra regexes, other
than the__TO_CC_PHARMA_COMPANY, which is unavoidable to do what you want.
For example, you could do:
meta ALLOW_MEDS (__TO_CC_PHARMA_COMPANY && DRUGS_ERECTILE)
The meta rule itself is processor-wise quite cheap.
