|Main Archive Page > Month Archives > spamassassin-users archives|
I have made a few rules to match bodies of e-mail forwarded to our
abuse account. they should match if IP from our range appears in the
body __GTSSK_IP04 /\b213\.215\.(6[4-9]|[7-9][0-9]|1[0-9]|12[0-7])\.\d/
should match any IP from range 220.127.116.11/18
I have received a complaint containing RFC822 attachment with this line
in headers of the attachment:
Received: from a43.pbi.bn.cust.gts.sk ([18.104.22.168] helo=smtp.pbi.sk) by mail.kontaktco.at with esmtp (Exim 4.72) (envelope-from <firstname.lastname@example.org>) id 1RUaIh-0000zs-8d for email@example.com; Sun, 27 Nov 2011 09:41:28 +0100
Neither the body rule above, neither rule changed to header matched:
header __GTSSK_IP04 Received =~ /\b213\.215\.(6[4-9]|[7-9][0-9]|1[0-9]|12[0-7])\.\d/
even if "pcregrep" with same pattern matched the line...
I have tried to use "rawbody" rule but still no match.
I have SA 3.3.1 with perl 5.8.8 on gentoo linux...
can either of those cause the problem?
-- Matus UHLAR - fantomas, uhlar_at_fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I don't have lysdexia. The Dog wouldn't allow that.