On Monday 14 November 2005 11:22, Casey King wrote:
>Okay,
>
>I have the rule in my local.cf as
>
>body L_DRUGS11 /([CVAXP] ){5}/
>header L_DRUGS12 MESSAGEID =~
>/^<[EMAIL PROTECTED]>/
>meta L_DRUGS1 L_DRUGS11 && L_DRUGS12
>score L_DRUGS1 5
>describe L_DRUGS1 Strange Message-ID and Spam signature in body
>
>
>Since it did not seem to get picked up by the rule. I updated
>rulesdujour from the command line:
>
>./rules_du_jour
>
This sounds like a great idea.
If it works with 3.0.4, where can I get it?
>No errors were reported.
>
>Doing a spamassassin --lint returned no errors.
>
>To see if I could stop this type of message, I sent from one of my
> trash accounts, and this is what happens when the message comes
> through. Still not getting tagged with the new rule.
>
>
>-1.80 ALL_TRUSTED Did not pass through any untrusted hosts
>-2.71 AWL From: address is in the auto white-list
>0.50 HTML_40_50 Message is 40% to 50% HTML
>0.00 HTML_MESSAGEHTML included in message
>0.64 SARE_MSGID_LONG40 Message ID has suspicious length
>0.69 SARE_SPEC_LEO_LINE06
>5.00 SARE_URI_EQUALS Trying to hide the real URL with IE parsing bug
>0.00 UPPERCASE_25_50 message body is 25-50% uppercase
>
>-Original Message-
>From: Pierre Thomson [mailto:[EMAIL PROTECTED]
>Sent: Monday, November 14, 2005 9:19 AM
>To: Casey King; SpamAssassin Users
>Subject: RE: Rule for this ??
>
>Casey King wrote:
>>> body L_DRUGS11 /([CVAXP] ){5}/
>>> header L_DRUGS12 MESSAGEID =~
>>> /^<[EMAIL PROTECTED]>/
>>> meta L_DRUGS1 L_DRUGS11 && L_DRUGS12
>>> score L_DRUGS1 5
>>> describe L_DRUGS1 Strange Message-ID and Spam signature in body.
>>
>> This rule goes in the local.cf file right? I added this rule, and
>> restarted MailScanner and it does not seem to be reading the rule. I
>> am not so good with writing rules, but I was wondering
>>
>> Body L_DRUGS11
>> Score L_DRUGS1
>>
>> Are these supposed to be set this way, or do these both need to be
>> set
>>
>> to '1' or '11'???
>
>There are two sub-rules (L_DRUGS11 and L_DRUGS12) and one meta rule
>(L_DRUGS1) which gets the score and description. But you might have a
>problem with the line wrap; the line starting with "header" should end
>in "+>/". Run "spamassassin --lint" to check your configuration.
>
>Pierre
Hi all, I *believe* I have applied the following rule correctly,
To verify I ran the --lint , it all checked out ok BUT its giving some errors
with respect to the whitelisted entries I have in the local.cf that resides
in the SA directory
I know my whitelist works as I had a previously rejected message resent ,
and it came through without a hitch;
Here's the output from lint
And no, I did NOT add the custom rule to the local.cf
milter# spamassassin --lint
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not
valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd [EMAIL PROTECTED]
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd
[EMAIL PROTECTED]
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not
valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd [EMAIL PROTECTED]
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not
valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd [EMAIL PROTECTED]
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd
[EMAIL PROTECTED]
[923] warn: config: SpamAssassin failed to parse line, "[EMAIL PROTECTED]" is
not valid for "whitelist_from_rcvd", skipping: whitelist_from_rcvd
[EMAIL PROTECTED]
[923] warn: lint: 6 issues detected, please rerun with debug enabled for more
information
