Spamassassin Blacklist Rules
Hi,
I try to do a bit more advanced rules in the email blacklist in Spamassassin but I cant find a list of all possible rules.
Do any of you know of any comprehensible list of all wildcard characters that are allowed.
For example can I do the following
*@domainnotices*.*
*@domainnotices???.*
*@domain###notices*.*
etc.
what is possible here is there any list of possible combinations to filter there domains with constant changing numbers or 1 letter differences.
the email comes from number@domainnotices####.c
Thank you for any assistance on this.
Best wishes,
thomas
I try to do a bit more advanced rules in the email blacklist in Spamassassin but I cant find a list of all possible rules.
Do any of you know of any comprehensible list of all wildcard characters that are allowed.
For example can I do the following
*@domainnotices*.*
*@domainnotices???.*
*@domain###notices*.*
etc.
what is possible here is there any list of possible combinations to filter there domains with constant changing numbers or 1 letter differences.
the email comes from number@domainnotices####.c
Thank you for any assistance on this.
Best wishes,
thomas
ASKER
Hi,
Thanks for the response, I did read this entry in the SpamAssassin manual.
However I wondered if it works within the domainname and could not find anything.
Lets say I have a spamer that used something like
something@name123.com
something@name124.com
something@name125.net
something@name130.org
something@name230.com
etc.
So I guess the * should work on this
*@name*.*
would this be a legit block?
Also there is no real explanation on the usage of ?
so I assume ? would stand for any character in this particular space. Would you agree this is correct?
These people change the text all the time and to cover everything would slow down the processing time for each email and server load so the block in spamassassin seems to be the least server load?
Best wishes,
Thomas
Best wishes,
Thomas
Thanks for the response, I did read this entry in the SpamAssassin manual.
However I wondered if it works within the domainname and could not find anything.
Lets say I have a spamer that used something like
something@name123.com
something@name124.com
something@name125.net
something@name130.org
something@name230.com
etc.
So I guess the * should work on this
*@name*.*
would this be a legit block?
Also there is no real explanation on the usage of ?
so I assume ? would stand for any character in this particular space. Would you agree this is correct?
These people change the text all the time and to cover everything would slow down the processing time for each email and server load so the block in spamassassin seems to be the least server load?
Best wishes,
Thomas
Best wishes,
Thomas
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Neil,
Thank you for your input.
it seems that it is working with * anywhere I want, just have to be real careful using to many * because it also opens for false positive. But it seems to work for my case.
Thank you for the discussion.
Best wishes,
Thom
Thank you for your input.
it seems that it is working with * anywhere I want, just have to be real careful using to many * because it also opens for false positive. But it seems to work for my case.
Thank you for the discussion.
Best wishes,
Thom
Great, now I know as well! I'm glad you could get to a solution.
-N
-N
ASKER
thanks for the assist
As far as I know the only 2 wildcards you can use are * and ?
Furthermore, it would not be possible to do what you are trying to do. Here is a brief explanation by SpamAssassin:
Is this for the "Domain Service Notification" SPAM message? Is there perhaps something in the subject of these emails which is always the same in each message?
If so, you can use the WhiteListSubject plugin to add this common phrase or word to the blacklist: https://wiki.apache.org/spamassassin/WhiteListSubjectPlugin
-N