Spammers are using a lot of different ways of using the word "publicidad", I had a few different rules to block them, but since now I saw that there was a character "¡" used an "i" and at the same time an "i " followed by an space.
So, I used the .?. and it catches the "i" and the space and just in case the spamer tries to use "publi ci dad" it will be catched as well. In my RegEx editor it passes the test. About the word "publicidad" In my server not much people uses that word and that is why I can block it. Sergio 2011/11/21 Karsten Bräckelmann <guent...@rudersport.de> > On Mon, 2011-11-21 at 17:49 -0600, Sergio wrote: > > Thank you Karsten for your input. > > > > I have modified the rule to the following and is working great: > > > > header ADVERTISE_RULE8 Subject =~ /publ.?.c.?.dad/i > > I see you wildcarded both instances of 'i', with an additional, optional > second char each. However, you also dropped the space in "publici dad" > as per your original rule -- intended? > > Doesn't have "publicidad" a more general meaning, too? > > > If I see there are a lot of false positives I will modify it a bit, > > but for now it is what I was looking for. > > Again, I strongly recommend to lower the score. And, of course to add a > \b word boundary at the beginning and end of the patter. > > > -- > char *t="\10pse\0r\0dtu\0.@ghno > \x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; > main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? > c<<=1: > (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; > }}} > >