AM
To: [EMAIL PROTECTED]
Cc: Mitch (WebCob)
Subject: Re: [courier-users] Seeming issue between SA courier... WAS
RE: [SAtalk] RCVD_IN_DYNABLOCK,RCVD_IN_SORBS in 2.61 when sending myself
a test message?
I guess you have to escape the parenthese in the square brackets as well:
\(AUTH
-
From: Mirko Zeibig [mailto:[EMAIL PROTECTED]
Sent: Thursday, January 08, 2004 12:17 AM
To: [EMAIL PROTECTED]
Cc: Mitch (WebCob)
Subject: Re: [courier-users] Seeming issue between SA courier... WAS
RE: [SAtalk] RCVD_IN_DYNABLOCK,RCVD_IN_SORBS in 2.61 when sending myself
a test message?
Mitch
Mitch (WebCob) wrote:
Received: from a1200 ([24.83.X.X])
(AUTH: LOGIN [EMAIL PROTECTED])
by bigass1.XXX.com with esmtp; Thu, 08 Jan 2004 00:04:43 +
...
if ( $i == 1 ( ! $MATCH =~ /Received: .*\(AUTH: [^)]*\) *by/) )
...
So the first .* catches all characters up to the escaped (AUTH:
Yes.
Mitch (WebCob) said the following on 01/08/2004 01:37 AM:
Ok - thanks - that works better for a number of reasons - (I'll post the
running verison once I play with it) - by making sure I am testing the first
header, I don't need to care about example.com (which is good, cause then I
can put the
: [courier-users] Seeming issue between SA courier... WAS
RE: [SAtalk] RCVD_IN_DYNABLOCK,RCVD_IN_SORBS in 2.61 when sending myself
a test message?
Mitch (WebCob) wrote:
My first concern is that apparently due to the differences in courier's vs
sendmails Received header formats, the first courier
Mitch (WebCob) wrote:
Good idea, but is it really that simple?
Yeah, why not?
I would only want to do this for
the top Received header - if I test all headers a spoofed auth header can
bypass spamassassin.
If you're really that paranoid about it, you can probably flesh this out:
i=1
foreach
]
[mailto:[EMAIL PROTECTED] Behalf Of Gordon
Messmer
Sent: Wednesday, January 07, 2004 10:31 AM
To: [EMAIL PROTECTED]
Subject: Re: [courier-users] Seeming issue between SA courier... WAS
RE: [SAtalk] RCVD_IN_DYNABLOCK,RCVD_IN_SORBS in 2.61 when sending myself
a test message?
Mitch (WebCob) wrote:
Good
I'm cross posting this message here just to keep other courier users in the
loop. I'm a long time courier user but not quite as long time SpamAssassin
user. I noticed a problem with false positives related to the default
settings in SA. Messages sent from my home machine to myself were being
Mitch (WebCob) wrote:
My first concern is that apparently due to the differences in courier's vs
sendmails Received header formats, the first courier header is not always
detected. Secondly, if I am sending to another user in my own system via
authenticated SMTP, the rule still triggers - even