On Mon, 21 Jan 2008, John D. Hardin wrote: > > m,https?://(?:[^\./]+\.)*goo+gle(?:pages)?\.(?:[a-z][a-z][a-z]?(?:\.[a-z][a-z])?)/+.*[?&](?:btni|adurl),i
If I understand that pattern, both the '*' are 'unbounded'??? This might 'break' your spamfilter, if spamassassin gobbles up all memory during analysis. Better replace any unbounded '*' by reasonable length {0,N}, with N a little more than the seen strings. Stucki -- Christoph von Stuckrad * * |nickname |<[EMAIL PROTECTED]> \ Freie Universitaet Berlin |/_*|'stucki' |Tel(days):+49 30 838-75 459| Mathematik & Informatik EDV |\ *|if online|Tel(else):+49 30 77 39 6600| Takustr. 9 / 14195 Berlin * * |on IRCnet|Fax(alle):+49 30 838-75 454/