I've been having no luck with a simple regex to match strings with 20 or less
characters.
My idea is to block certain commonly used subjects to make phishing attempts:
Example:
Subject example: Unlock Your Account
discard condition = ${if match{$header_subject:}{.\{0,20\}Unlock Your
Account\$}}
logwrite = Rejected By SPAM - $header_subject - FROM:
"$sender_address"
I try to match the rule with other types of subjects used to steal data, but
not work. (Example America Alert: Unlock Your Account)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
