Hi All: I have an implementation of ASSP (1.9.3.4 (1.0.0.4)) that
someone preconfigured with some "starter rules".
In my Regex / Bombs section, there's the following regex in the "Rgex to
Identify Spam in Header Part" section:
\d\s+(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s+\d\d\d\d\s+\d\d:\d\d(:\d\d)?\s+[+\-]\d\d[6-9]\d
which matches:
Received: from exchange.sender.local ([173.193.xxx.xxx]
helo=AFC-exchange.sender.local) by assp.myserver.com with ESMTP
(ASSP 1.9); 22 Apr 2014 10:14:32 -0700
The above header was from a legitimate email, where the additional
points from the regex match were enough to push it into the spam pile.
I'm just wondering if this regex is necessary, given that legitimate
email frequently has a date in the received header?
I realize I can change the rule from "score" to "monitor" and see how
often it occurs, but I see this date-matching regex also appears in the
bombsubjectre file and bombre file.
Thanks for any insights!
------------------------------------------------------------------------------
Start Your Social Network Today - Download eXo Platform
Build your Enterprise Intranet with eXo Platform Software
Java Based Open Source Intranet - Social, Extensible, Cloud Ready
Get Started Now And Turn Your Intranet Into A Collaboration Platform
http://p.sf.net/sfu/ExoPlatform
_______________________________________________
Assp-user mailing list
Assp-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-user
