Would you mind posting the qmail-Message-ID filter you are using?
Thanks!
On Tue, 2004-06-15 at 10:58, Chr. von Stuckrad wrote:
On Tue, Jun 15, 2004 at 04:45:42PM +0200, Ralf Guenthner wrote:
> it would be great, if SARE came up with a comprehensive ruleset for this
> right-wing drivel. I've already made up my own for the time being, but
> I'm not very good with regex, so I guess it can be done more efficiently?! :
The rule which checks for the forged qmail-Message-ID[1]
worked pefectly here, and is only one Check/Pattern
instead of a big meta-Rule. (It was on the list,
onl this thread...)
So we removed the big rule and kept only the small
and NOTHING more came through (so far).
So I presume, we can avoid the big pattern-list
(at least for a while :-)
Stucki
[1] Qmail *always* uses numeric unix-date/time for the Message-ID
as in <[EMAIL PROTECTED]>
the forgery contains hexadecimals in the 'numeric' time/date-string.
