Loren Wilton wrote:
Valid email addresses have a well-known structure (i.e. [A-z.]*_NAME)
so, for example [EMAIL PROTECTED] is clearly a bogus address.
Off the top of my head you might be able to do something like (untested):
header __GOOD_NAME To =~
/[A-Za-z]{1,30}_[A-Za-z\d\.]{2,40}\@(?i:domain\.com)/
meta BAD_NAME !__GOOD_NAME
score BAD_NAME 2
Above is based on the assumption that "NAME" includes only letters,
numbers, and dots. If it can also have underscores then you could
just do \w{2,40} or the like for the second part.
Hmmm - not a bad start, I guess. If I were to put something like this
in individual users' .spamassassin/user_prefs - then I could be even
more restrictive about NAME. I am concerned, however, that this might
not cope well with mailing lists (where To is the mailing list name) or
in circumstances where the user is CC'd rather than addressed directly.
