>-----Original Message----- >From: John Wilcock [mailto:[EMAIL PROTECTED] >Sent: Thursday, October 14, 2004 5:19 AM >To: users@spamassassin.apache.org >Subject: [RD] incorrect real name (was Re: feeding frenzy for >ws.surbl.org!!!) > > >On Thu, 14 Oct 2004 08:51:56 +0200, John Wilcock wrote: >> In particular, I have an idea for the To field: >> >> | To: "judson burrows" <[EMAIL PROTECTED]> >> >> My name isn't "judson burrows", or Ophelia Rrnyihie, or >"edmond olivio", >> or any of the numerous similar names spammers have addressed me as >> recently! It ought to be fairly easy to write a rule >specific to me that >> fires if the real name contains neither John nor Wilcock, > >I've just come up with a first attempt at this, that seems to work: > >| header __TO_NOREALNAME To =~ /^["\s]*\<[EMAIL PROTECTED]>?\s*$/ >| header __TO_GOODREALNAME_JOHN To =~ >/^\"?john\s+wilcock\"?\s+\<[EMAIL PROTECTED]>?\s*$/i >| header __TO_JOHN To =~ /john\@/i >| meta local_BADREALNAME_JOHN __TO_JOHN && >!__TO_GOODREALNAME_JOHN && !__TO_NOREALNAME >| describe local_BADREALNAME_JOHN To John but with wrong real name >| score local_BADREALNAME_JOHN 2.0 > >but only for me personally, of course. Anyone any comments on whether >this rule could be improved or optimised? I'm sure it ought to be >possible to write a single regex rather than these three meta-rules... > >And how about the more general case I mentioned: > >> a generic plug-in that does an LDAP lookup or similar in order to >> determine the real name of J. Random User then checks >whether the first >> and last names match? There's a challenge for you... > >Any takers?
Is this not at the mercy of how users put your email into their address book? What if my wife adds me to her address book under "Sexy stud muffin"? Would that not fail on this rule? --Chris
