At 15:04 2005-08-31 -0400, Louis Proyect wrote:
2. The recipes that are meant to catch anything with "st0ck" or "St0ck", a
dead giveaway for Penny Stock newsletters that 9 out of 10 times are hypeing
non-existent companies!
:0 B
* Penny-stocks
/dev/null
:0 B
* Penny stocks
/dev/null
combine these two:
:0B
* Penny[ -]stocks
/dev/null
I would strongly recommend against scuttling directly to /dev/null though,
and you could simply use \> instead of the character class between the
words, which will increase the word separators used
:0 B
* st0ck
/dev/null
:0 B
* St0ck
/dev/null
You're using case-sensitivity when it isn't appropriate - Procmail is by
default case insensitive (check the manpages). As such, these two recipes
evaluate the same.
Combine all three:
:0B
* (Penny[ -]stocks|st0ck)
/dev/null
3. A sample spam that was not caught by the filter.
Is it the original message untweaked, or did it perhaps have ENCODING?
4. The procmail output generated for the spam with verbose on. You'll note
that it didn't find a match on "st0ck" when it is clearly evident.
But is that "clearly evident AFTER the message was tweaked by your
windows-based email client and posted into a webdoc? The RAW message is no
doubt significantly different.
I trust you're filtering this list *BEFORE* your stock filters, because
with all those /dev/null deliveries, you're just begging to trash all the
responses people send.
5. What is truly bizarre is the procmail output I get when I simply forward
the same message to myself. When I do this, it is caught by the filter. I
can't understand how this is possible.
Because your email client has unencoded the message from it's originally
encoded form and posted it as plain ascii text. Examine the ORIGINAL
message in your mailbox before downloading it.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail