From: Michelle Konzack [mailto:linux4michelle(_at_)freenet(_dot_)de]
Sent: Saturday, July 05, 2003 2:45 AM
Am 10:06 2003-06-29 -0600 hat Linux geschrieben:
Hello all!
I have noticed a substancial increase in spam lately. I am
running SA and
it isn't taggging it. After investigation, I found that
they are sending
html mail such as:
G<!--rawxyf2ah84k51-->ene<!--ic89v487l64w-->ric
Vi<!--4ngj8h2wn7f-->ag<!--ix211g1xscaei-->ra
The problem is where the <!-- xxxxx --> is embedded.
How would I add a filter that would count all the instances of "<!--"
and if
there are 5 or more, dump it to my spam directory?
Any help would be appreciated.
If you filter the Mail and the Content-Type is somthing with
'html' pipe
the Message first through 'sed' ;-)) and the '<!--' and '-->'
are history.
You could strip out all of the comments, but from what I've seen, nearly all
of the subversive comments are in the form
[a-z0-9]<!--.*-->[a-z0-9]
while legitimate comments are on their own lines, or at least have spaces on
either side of the <!---->.
Dustin
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail