On Wed, Mar 22, 2000 at 11:11:38PM +0100, Rejo Zenger wrote
Hi,
I guess i'm just overlooking a thing here, but can someone explain why
this does not work?
QUAD = "([1-9]|[1-9][0-9]|1[0-9][0-9]|2([0-4][0-9]|5[0-5]))"
IP = "${QUAD}\.${QUAD}\.${QUAD}\.${QUAD}"
:0
* ! ^Received: \(from
* ! ^Received: from.*${IP}
[action: One of the servers did not record senders IP address.]
I want to test for Received lines without an (valid) IP adress.
Someone else has already mentioned the missing $. I see a couple of
additional problems...
The "Date:" header should cause a false positive, if your filter is
as listed. I would go for a count of all "Received: from" lines, and
subtract the count of those same lines with IP addresses, like so...
:0
* 1^1 ^Received: from
* -1^1 ^Received: from.*[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
[action...]
"man procmailsc" for a detailed explanation of "scoring" recipes.
--
Walter Dnes <waltdnes(_at_)waltdnes(_dot_)org> SpamDunk Project procmail
spamfilter
at http://www.waltdnes.org This message coming to you in living Linux.