Chr. von Stuckrad schrieb:
On Tue, Jun 15, 2004 at 04:45:42PM +0200, Ralf Guenthner wrote:
it would be great, if SARE came up with a comprehensive ruleset for this right-wing drivel. I've already made up my own for the time being, but I'm not very good with regex, so I guess it can be done more efficiently?! :
The rule which checks for the forged qmail-Message-ID[1] worked pefectly here, and is only one Check/Pattern instead of a big meta-Rule. (It was on the list, onl this thread...)
So we removed the big rule and kept only the small and NOTHING more came through (so far). So I presume, we can avoid the big pattern-list (at least for a while :-)
Stucki
[1] Qmail *always* uses numeric unix-date/time for the Message-ID as in <[EMAIL PROTECTED]> the forgery contains hexadecimals in the 'numeric' time/date-string.
My apologies. I lost my older list e-mail yesterday and thus the previous thread about this issue escaped me. If I'd seen it, I wouldn't have asked, of course. Cool to have this single rule <s>
Cheers Ralf G.
