Hi All
We are receiving the same image spam many times, random text within the
body.
The only common thing is a image attachment, with the filename in the
following format
DSL1234.png
I have made the following ' RAWBODY ' rule
/dsl[0-9]{4}\.png/i
This rule works if the text appears in the body, when testing with a
hand telnet to port 25, but fails in practice.
I think this is because the RAWBODY rule does not search the text of a
attachment.
example text of a spam
------=_NextPart_000_0075_01C9C5DF.A7950570
Content-Type: image/png;
name="DSL6672.png"
Content-Transfer-Encoding: base64
Content-ID: <a0ff8910$101f730d$6c822ecf>
Content-Disposition: inline
Any ideas ?
Thanks in advance
Regards
Gary