procmail

Re: spam recipe - need help understanding a false positive

2001-11-18 00:42:46
At 23:56 2001-11-17 -0500, Louis LeBlanc wrote:

Here is the recipe that caused the false positive:
#####################################
:0DBHfhw
* ^Subject:.*SEX|FREE SEX|LESBIANS| XXX |HARDCORE|GAY

I would suggest that when you OR conditions, you properly enclose them in parentheses. This one especially, since you have it flagged to check the body as well (why???).

* ^Subject:.*(SEX|FREE SEX|LESBIANS| XXX |HARDCORE|GAY)

Without it, you're matching:
        ^Subject:.*SEX  (anchored to the beginning of the line)
        FREE SEX        (anywhere in the message, headers or body)
        LESBIANS        ("I have friends who are lesbians")
         XXX            (used as a separator)
        HARDCORE        ("hardcore programmers prefer...")
        GAY             ("Richard Gaylord presided over the ceremony")

BTW - I expect that your own message (received back from the list) will have tripped your rule. So too, will this one.

Content-type: multipart/signed; protocol="application/x-pkcs7-signature";
 micalg=sha1; boundary="------------ms050202050905060702080900"

Your multipart boundaries are not included in the message you forwarded. My guess is that the match occurred there.

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.

_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
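
Added example, not part of the original message or of procmail: a small Python helper that splits a condition on its top-level `|` and reports which alternative matched in the header or the body, which is how a false positive like the one discussed above can be traced. It approximates procmail's egrep-style matching with Python's `re` (case-sensitive, as with the `D` flag); the sample message, `split_top_level` and `explain` are constructed for illustration.

```python
import re

UNGROUPED = r"^Subject:.*SEX|FREE SEX|LESBIANS| XXX |HARDCORE|GAY"
GROUPED = r"^Subject:.*(SEX|FREE SEX|LESBIANS| XXX |HARDCORE|GAY)"
# Constructed sample: harmless subject, base64 signature part in the body.
SAMPLE = (
    "Subject: lunch on Tuesday\n"
    'Content-type: multipart/signed; boundary="b1"\n'
    "\n"
    "--b1\n"
    "Content-Transfer-Encoding: base64\n"
    "\n"
    "MIIFGAYJKoZIhvcNAQcCoIIFCzCCBQcCAQEx\n"
    "--b1--\n"
)

def split_top_level(pattern):
    """Split on '|' outside parentheses (bracket expressions not handled)."""
    parts, cur, depth, i = [], "", 0, 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\":  # keep an escaped character with its backslash
            cur += pattern[i:i + 2]
            i += 2
            continue
        depth += (ch == "(") - (ch == ")")
        if ch == "|" and depth == 0:
            parts.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    return parts + [cur]

def explain(condition, message, case_sensitive=True):
    """Return (alternative, region, matched text) for every hit (H and B)."""
    header, _, body = message.partition("\n\n")
    flags = re.MULTILINE | (0 if case_sensitive else re.IGNORECASE)
    hits = []
    for alt in split_top_level(condition):
        for region, text in (("header", header), ("body", body)):
            m = re.search(alt, text, flags)
            if m:
                hits.append((alt, region, m.group(0)))
    return hits

if __name__ == "__main__":
    for cond in (UNGROUPED, GROUPED):
        print(cond, "->", explain(cond, SAMPLE))
```

On the constructed sample the ungrouped condition hits only through the bare `GAY` alternative inside the base64 line of the body, while the parenthesized condition does not match at all.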