On Tue, 11 Dec 2018 at 18:22, Sławomir Dworaczek via Exim-users < [email protected]> wrote:
> thanks for reply > > what would the regex rule look like for all links in the content that look > like this http://whole.thic.com/pe/domaincontrol.html?email=2cd10@7bbbd > http://eubersu.zacas.com/s210/sav.php?email=b2067@25b40 > http://fees.3rdpartypolitics.com/citrix2/web01.php?email=434535 > > from org, net and us domains > > e.t.c > Recently, spam reports come a lot > > What exactly are you trying to achieve? I think you could control a lot of spam using rspamd these days. However, if you want to do this manually (whack-a-mole, I hear it being called), then look into using the system filter. if $message_body contains "this|that|other" then seen finish endif You can log snippets of what the filter rule is doing in some file that you can brood over and see if you are doing the right thing. I advise you look into rspamd. It does some good work with urls and guess what? You let it handle all this within itself and it decides on the actions. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft." -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
