body IMAGE_ATTACHMENT /filename=\"[^\"]+\.(gif|jpe?g)\"/i describe IMAGE_ATTACHMENT Has a GIF or JPEG attachment. score IMAGE_ATTACHMENT 0.1
rawbody RAW_IMAGE_ATTACHMENT /filename=\"[^\"]+\.(gif|jpe?g)\"/i describe RAW_IMAGE_ATTACHMENT Has a GIF or JPEG attachment. score RAW_IMAGE_ATTACHMENT 0.1
rawbody CAREFUL_IMAGE_ATTACHMENT /^Content-Disposition: attachment;\s+filename=\"[^\"]+\.(gif|jpe?g)\"/i
describe CAREFUL_IMAGE_ATTACHMENT Has GIF or JPEG Content-Disposition.
score CAREFUL_IMAGE_ATTACHMENT 0.1
I then kill and restart spamd, and send myself an image with a GIF attached. But my SA headers still say:
X-Spam-Status: No, hits=0.0 required=4.0
tests=none
version=2.55-surehand002
X-Spam-Checker-Version: SpamAssassin 2.55-surehand002 (1.174.2.19-2003-05-19-exp)
What am I doing wrong? Is it something wrong with my regex, or do rawbody tests just not include the Content-Disposition information? I've also tried replacing [^\"] with just plain [^"] and with [^\.] instead; this changes nothing.
--Kai MacTane
----------------------------------------------------------------------
"And you can swallow, or you can spit
You can throw it up, or choke on it
And you can dream, so dream out loud
You know that your time is coming 'round
--U2,
"Acrobat"------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
