On 7/16/2015 8:28 AM, a...@satester.com wrote:
On 2015-07-16 04:53, Kevin A. McGrail wrote:
You might find the regression_tests.cf in the trunk rules/ dir
interesting. It's a way of giving strings you want to hit/not-hit on
rules and see if it properly hits/doesn't hit as you expect.
I also use mutt and a few macros such as one that run spamassassin -t
2>&1 with a prompt for a keyword. Helpful for debugging.
Thank Kevin. I really appreciate your sharing. I will check these out
today. I've used regex for years but I'm relatively new to SA rules.
I did see something interesting this morning. I pasted KAM.cf in to
satester figuring it might overload my script but it worked. However
any sample text I type triggers these two rules of yours.
header __KAM_NOTINMYNETWORK1 X-No-Relay =~ /./i
header __KAM_MULTIPLE_FROM From =~ /^./
I think I get the first one (if anything exists in X-No-Relay) but
I'll have to look deeper to understand why you would trigger on any
From address. Anyway I'm having fun, learning a lot, and doing my
customers a lot of good by developing rules. Thanks again for your
tips and help.
The X-No_relay is just a header existence check.
The second has this special tflags __KAM_MULTIPLE_FROM multiple,maxhits=2
So it requires multiple hits, stops counting at two and is used for
emails that have incorrectly put in two From headers.
Regards,
KAM
