Loren Wilton wrote:
Which dont seem to trigger the above rule. Any ideas?Not really. That's my rule and it works fine here, and many other places. However, you aren't the first to say it doesn't work for them. I'm guessing you are using something other than procmail/spamd to process mail, or maybe you are running on a windows/mac box? My guess is that something is taking the bare cr characters and helpfully either changing them to actual newlines or sticking newlines before or after them. Since I specifically check for a bare \r character rather than \r\n, if something is decorating the \r characters the rule won't fire. Just for grins try changing the rule to something like this and see if it works, and let us know: rawbody __LW_URI_CR1 /href=\"[^"]*\r\n?/is full __LW_URI_CR2 /href=\"[^"]*\r\n?/is meta LW_URI_CR __LW_URI_CR1 || __LW_URI_CR2 score LW_URI_CR 2 describe LW_URI_CR unescaped cr in uri Loren
Loren yup I'm using MailScanner to drive SA. I'll try your alternative and see how we get on... -- Martin Hepworth Snr Systems Administrator Solid State Logic Tel: +44 (0)1865 842300 ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote confirms that this email message has been swept for the presence of computer viruses and is believed to be clean. **********************************************************************
