> Hmmm, yep, that does make it a bit more difficult. I think the following > header checks should work, however: > > /^Subject: *$/ DUNNO > /^Subject: *\[.+\]*$/ DUNNO > /^Subject:[ a-zA-Z0-9,;:.?\(\)-]*$/ DUNNO > /[^[:print:]]+/ DUNNO > /./ 550 I don't
Wouldn't those last two need to be contained somehow because the check file is for the entire set of headers? I tried it on a regular message header and got lots of false positives. For example these did false positives: from: "bill landry" <[EMAIL PROTECTED]> REJECT to: <[EMAIL PROTECTED]> REJECT A simple method of cleaning that up would be to enclose it in: if /^Subject:/ endif I ran the below through if/endif with no false positives: Subject: -"m`y gir'lfrien"ds ar.e over the m'oon... fltgmtdqafuqnb Subject: _`,Gi-ve her s'ome th^ing to pr-ais:e you f:o.r! mmeynpbbfafucd Subject: Gu.ara^nteed _P.ENl,LE GR:OWTH' Subject: *.`^-BO:0S:T" D:ICK" S.I,Z:E-: nfpequbd Subject: _Enh.anc*e yo,u'r ,RO_D- * wvtxbvd Subject: Sa.tisfy your lover today!! Subject: _..PR'0VE:N- T,0" E_N_HA^N`CE. P"EN;l;S.^:, wcfwrlbed Subject: Eric, Eliminate 30-60% of your outstanding debt! Subject: `__,-B^O,0S.T "D_I:C,K; S`I.Z:E'":*. jusbgwdw Subject: ;.G'E"T-B.IGP'EN-I-S:-^ pgouiccm Subject: new to Magical otcbb:exgl up 8% on the day Subject: =?ISO-8859-1?b?UmU6U3BlY2lhbCBQcm9tb3Rpb24gU2lsZGVuYWZpbCBDaXRyYXRlICAoNik gNTBtZy4gZG9zZXMgRlJFRSBDb25zdWx0YXRpb24=?= Subject: =?ISO-8859-1?B?UmU6R2VuZXJpYyBWaWEqZ3JhIGhhcyBiZWNvbWUgdGhlIHNvbHV0aW9uIGZ vciB0aG91c2FuZHMgb2YgbWVu?= Subject: Fraud Alert. DarkProfits.com - Order 1845. Subject: =?iso-8859-1?Q?My_name_is_Jos=E9_Mu=F1oz=2C_see_the_accents=3F?= Subject: My name is Jos� Mu�oz, see the accents? From: "Bill Landry" <[EMAIL PROTECTED]> X-MSMail-Priority: Normal X-UIDL: 359280721 So time to try it with a WARN lie and see what I get. --Eric
