Rule match by Subject: ?

Julian Field MailScanner at ecs.soton.ac.uk
Thu Feb 17 17:59:02 GMT 2005 

    [ The following text is in the "ISO-8859-2" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

The problem is parsing it all.
I could insist on double-quotes round the pattern for the header value,
regardless of what type of pattern it is (so regexps would look like
"/...../") but then I've got to allow the " character in the string.
Then there's the problem of "and" conditions, so I can't even look for
the last " in the rule. But it would be better than nothing, and would
let me get started on it. Maybe I do a half-way-house solution now, and
re-visit it later if people actually need me to. In the mean time, if
you want to use "and" then you would have to put the header match on the
right-hand side of the "and", so you wouldn't be able to use a rule that
studied 2 different headers.

But if people don't actually need that functionality, then it's not a
great problem.

I think I have to be practical about what to allow users to do, doing a
theoretically perfect solution is going to be very awkward.

You would still be able to do
header subject "string" yes
and
from user at domain and header subject "string" yes
but you wouldn't be able to do
header subject "string" and header list-id "string2" yes

The "header" keyword is required as otherwise I can't tell the
difference between checking the envelope sender (with "From") and the
From: header (with "header From").

How does that sound?

Chuck Foster wrote:

> Marcin wrote:
> > Is it not enough that people can add a proper rule to spamassasin
> > and rise/lower scores for matching subjects?
> > I do it eg. for word 'virus' in subject and that works fine.
>
> This would be after the rulesets have been examined of course, ie. the
> decision has already been made; I guess someone might want to do
> something like:
>
> To:     user at domain and Subject: /v[i1]agra/    delete
>
> rather than SpamAssassin simply setting a score for the message.
>
> I can see potential applications for this on arbitrary headers, not
> too sure how useful it would be generally (though of course once it's
> there ... (hmm,   X-Mailer:   /outlook/       delete     :-))
>
> Chuck
>
>
>
> This message should be regarded as confidential. If you have received
> this
> email in error please notify the sender and destroy it immediately.
> Statements of intent shall only become binding when confirmed in hard
> copy
> by an authorized signatory.
>
>
>
> This message has been scanned for all known viruses and dangerous
> content by StreamShield Protector <http://www.streamshield.com/>, and
> has been found to be clean.
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/)
> and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> *Support MailScanner development - buy the book off the website!*


--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list