On 22/12/2020 11:18 π.μ., Matus UHLAR - fantomas wrote:
spamassassin rule could look like this:
body __ARCHIVE_PASSWORD_1 /pass(word)? archiv(e|io):/i
body __ARCHIVE_PASSWORD_2 /archiv(e|io) pass(word)?:/i
meta ARCHIVE_PASSWORD __ARCHIVE_PASSWORD_1 ||
__ARCHIVE_PASSWORD_2
describe ARCHIVE_PASSWORD provides archive password
score ARCHIVE_PASSWORD 5
note that you might want to use replacetags and optionally fill with
\s? to
work around possible whitespace characters
On 22.12.20 12:19, Nikolaos Milas wrote:
The above set of 5 lines needs to be added in amavisd.conf anywhere as
such, or it must be included in some particular block or otherwise?
they are spamassassin rules, so they should be added in spamassassin't
local.cf (maybe amavis users' user_prefs but I prefer local.cf).
I understand that you have not included the actual (3 or 4 digit)
password in the rules. Shouldn't it be added somehow, to reduce risk
of false positives?
do those passwords repeat all the time?
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol.
