On Thu, Dec 21, 2006 at 01:33:19PM -0800, Bart Schaefer wrote:
If what you want is "there is a text/plain part AND every body
part is base64" then the best way is to use scoring. I'm not
sure why you care that there is a text/plain part, but ...
:0B
* H ?? ^Content-Type: *multipart
* ^Content-Type: *text */ *plain
* 1^1 ^Content-Transfer-Encoding: *base64
* -1^1 ^Content-Type:
{}
:0E:
$BASE64
This says to add one to the score for every base64 c-t-e, then
subtract one for every content-type. If the resulting score is
positive, then at least one part did NOT have base64 encoding, so do
nothing (the empty braces). Else, deliver to $BASE64.
Entirely similar to what I was just putting together (and to something
I already use), so I will abandon what I was doing. I have a couple
of comments besides your "border cases" (deleted, however, here).
First, "{}" won't work. There needs to be whitespace. It can
be
{ }
or, of course,
{
}
Second, the spammers could have a line break and whitespace between the
raw header and the "base64". Not common, but not impossible. And the
optional whitespace before the base64 could be a tab, also. So, presuming
$WS has been defined already as a space and a tab inside brackets,
use something like:
* $ 1^1 ^Content-Transfer-Encoding:[$WS]*(^$WS)*base64
(Similarly, the first two conditions should account for tabs as well
as spaces.)
Dallman
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail