refefine/extend a existing rule in 20_ratware.cf possible ??
Hi, I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I just redefine the supporting meta rule __FORGED_OE and let SA take care of the rest ? see patch here: http://issues.apache.org/SpamAssassin/attachment.cgi?id=4162action=view Thanks Paul -- Paul Griffith |Dept. of Computer Science and Engineering CSE Technical Team |4700 Keele Street, Toronto, ON, Canada, M3J-1P3 [EMAIL PROTECTED] |CSE1003A|Tel: 416-736-2100 x70258|Fax: 416-736-5872
Re: refefine/extend a existing rule in 20_ratware.cf possible ??
--On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith [EMAIL PROTECTED] wrote: Hi, I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I just redefine the supporting meta rule __FORGED_OE and let SA take care of the rest ? see patch here: http://issues.apache.org/SpamAssassin/attachment.cgi?id=4162action=view You've got part of it described... MESSAGEID =~ /^[EMAIL PROTECTED]$/m ... but in the past few days we saw also these two types: [EMAIL PROTECTED] mailed using Outlook, by an MSN customer [EMAIL PROTECTED] mailed using Outlook Express These anomalies are all coming from a group of hosts with names ending bay0.hotmail.com. That group of hosts are also responsible for passing along spam from botnet PCs. No scanning of outgoing mail? Joseph Brennan Columbia University IT
Re: refefine/extend a existing rule in 20_ratware.cf possible ??
On Tue, 16 Oct 2007 14:57:00 -0400, Joseph Brennan [EMAIL PROTECTED] wrote: --On Tuesday, October 16, 2007 12:59 -0400 Paul Griffith [EMAIL PROTECTED] wrote: Hi, I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I just redefine the supporting meta rule __FORGED_OE and let SA take care of the rest ? see patch here: http://issues.apache.org/SpamAssassin/attachment.cgi?id=4162action=view You've got part of it described... MESSAGEID =~ /^[EMAIL PROTECTED]$/m ... but in the past few days we saw also these two types: [EMAIL PROTECTED] mailed using Outlook, by an MSN customer [EMAIL PROTECTED] mailed using Outlook Express These anomalies are all coming from a group of hosts with names ending bay0.hotmail.com. That group of hosts are also responsible for passing along spam from botnet PCs. No scanning of outgoing mail? Joseph Brennan Columbia University IT In Canada one of the largest ISP is Sympatico.ca and they offer a service [EMAIL PROTECTED] (http://sympatico.msn.ca/). They use hotmail to handle their e-mail backend. Their outgoing mail server is smtphm.sympatico.ca which is an alias for smtp.bc.hotmail.com. From my logs all the sympatico.ca e-mails we are getting are coming from the servers are in the bay0.hotmail.com range. I will patch FORGED_MUA_OUTLOOK in our own custom rules and and wait until SA offically updates 20_ratware.cf Thanks for the heads up on the BLU message id. -- Paul Griffith
Re: refefine/extend a existing rule in 20_ratware.cf possible ??
Paul Griffith wrote: Hi, I want to add a patch to 20_ratware.cf so I can extend FORGED_MUA_OUTLOOK to handle the new Outlook Message-ID format. Can I just redefine the supporting meta rule __FORGED_OE and let SA take care of the rest ? Redefining the rule in your site config (often located in /etc/mail/spamassassin) will redefine the rule as you are looking to do. Daryl
