On Mon, 12 Jan 1998 22:51:59 -0500 (EST), gsutter(_at_)pobox(_dot_)com wrote:
# An invalid Message-Id: header
:0
* !^Message-Id:[ ]*<[^ <>@]+(_at_)[^ <>@]+>[ ]*$
{ SPAMMER="invalid Message-Id: $MATCH" }
I believe credit for this belongs to Era.
Thank you, thank you. However, as somebody pointed out, it is in fact
valid for a Message-Id to contain spaces (and presumably some other
"magic" characters, perhaps backslash-escaped), iff it is also quoted.
See RFC822 for details, or check the recent thread on this list.
(To be perfectly honest, I still use this recipe, because I never saw
a false match in the mail I receive, but YMMV.)
I also note that you are not using \/ in this recipe, and that $MATCH
will therefore contain whatever some earlier \/ happened to grab. It's
a bit tricky to get any useful logging when checking for a negated
condition, but you could always do something like
:0
* ! ^Message-Id:<... blah blah ...>
{
:0
* ! ^Message-Id:
{ SPAMMER="Ouch: no Message-Id" }
:0E
* ^Message-Id:[ ]*\/[^ ].*
{ SPAMMER="Invalid Message-Id: $MATCH" }
}
Checking for no Message-Id at all is futile if your site uses
Sendmail, because (stock) Sendmail will always add a Message-Id if one
is missing. Other MTA:s (among them Qmail, I hear) act more sensibly,
and leave the headers alone on incoming mail.
Hope this helps,
/* era */
--
Paparazzi of the Net: No matter what you do to protect your privacy,
they'll hunt you down and spam you. <http://www.iki.fi/~era/spam/>