On 4 Oct, Michael Moritz wrote:
| [...]
|
| 10/4/02 2:23:56 PM, Don Hammond <procmail(_at_)tradersdata(_dot_)com> wrote:
|
| >discussion of Klez (bugbear?) recipes. I want to point out that your
| >recipe won't work. Procmail scans headers only by default, so you have
|
| Overnight it caught 500 messages - not a single one was misidentified (but
maybe I changed some bits in the meanwhile
| and lost the goods ones:)
|
| How would I make one line case sensitive and the others not? (I know RTFM)
|
I don't know how it would've caught them, unless the filter in place is
different than the one posted. Or unless there's another filter that
catches them before or after procmail does this one:
:0 D
*Content-Transfer-Encoding: base64
*TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQA
*AEAAAAAAAAAAAAAAAAAABAAADgLnJzcmMA
/var/mail/junk
For that filter to match, all three conditions would have to match and
all 3 would be matched against headers only. It's hard to believe the
strings in the last two conditions are found in the headers.
To answer your question there is no direct (and native) way to make a
subset of conditions in the same recipe case sensitive, and the others
insensitive. You CAN specify B(ody) or H(eader) per condition:
:0 #(H is default)
* ^Content-Transfer-Encoding: base64 # matches against headers
* B ?? ^TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQA # matches against body
To accomplish what you want, use the A flag, something like:
:0
* ^Content-Transfer-Encoding: base64
{ }
:0 ABD
* ^TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQA
* AEAAAAAAAAAAAAAAAAAABAAADgLnJzcmMA
/var/mail/junk
If the first recipe matches, procmail does nothing { } "A"nd processes
the second recipe. If the first doesn't match, the second is skipped.
--
Reply to list please, or append "8" to "procmail" in address if you must.
Spammers' unrelenting address harvesting forces me to this...reluctantly.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail