Arabic  Chinese (simplified)  Chinese (traditional)  French  German  Italian  Japanese  Korean  Portuguese  Russian  Spanish 

Regex Filters / Spambomb

From ASSPSMTP

Jump to: navigation, search
Advice
This article is incomplete. It is currently under construction and review for content, clarity and format. Help the community by adding content directly to this page or discuss what should go in this article on the discussion page!

On This Page

How It Works

Details

Regex Filters / Spambomb FAQs

Regex Filters / Spambomb Configuration

based upon version 1.3.5(9.18) Do Bomb/Script Regular Expressions Checks for Whitelisted (bombReWL)

Do Bomb/Script Regular Expressions Checks for NoProcessing (bombReNP)

Do Bomb/Script Regular Expressions Checks for Local Messages (bombReLocal)

Do Bomb/Script Regular Expressions Checks for ISPIP (bombReISPIP)

Use BombSender Regular Expression (DoBombSenderRe)

If activated, each Sender address is checked against the BombSender Regular Expression. 0 = disabled, 1 = block, 2 = monitor, 3 = score

BombSender Blocking Regular Expression * (bombSenderRe)

Expression to identify sender you want to block very early. If an incoming sender matches this Perl regular expression connection will be dropped. Whitelist and Nonprocessing will be honored. No ccSPAM possible.

Use BombHeader Regular Expressions on Header Part (DoBombHeaderRe)

If activated, each message-header is checked against bombHeaderRe, bombSubjectRe and bombCharSets Regular Expressions. ccSPAM will copy only the header. 0 = disabled, 1 = block, 2 = monitor, 3 = score

Regular Expression to Identify Spam in Header Part* (bombHeaderRe)

Header will be checked against this Regex if DoBombHeaderRe is enabled. For example: \d\s+(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s+\d\d\d\d\s+\d\d:\d\d(:\d\d)?\s+[+\-]\d\d[6-9]\d

Regular Expression to Identify Spam in Subject* (bombSubjectRe)

Header will be checked against this Regex if DoBombHeaderRe is enabled.

Regular Expression to Identify Foreign Charsets* (bombCharSets)

Header will be checked against this Regex if DoBombHeaderRe is enabled. For example: [\x80-\xFF]|\x0D[^\x0A]|BIG5|CHINESEBIG|GB2312|KS_C_5601|KOI8-R|EUC-KR|ISO-2022-JP|ISO-2022-KR|ISO-2022-CN|CP1251.

Use Bomb Regular Expressionswiki (DoBombRe)

If activated, each message is checked against BombRaw and BombData Regular Expressions. 0 = disabled, 1 = block, 2 = monitor, 3 = score

BombRaw Regular Expression for Header and Data Part* (bombRe)

Header and Data will be checked against this Regular Expression if DoBombRe is enabled. For example: IMG [^>]*src=['"]cid|<BODY[^>]*>(<[^>]+>|\n|\r)*<IMG[^>]+>(<[^>]+>|\n|\r)*</BODY>

BombData Regular Expression for Data Part* (bombDataRe)

Data part will be checked against the Regular Expression if DoBombRe is enabled. For example: IMG [^>]*src=['"]cid|<BODY[^>]*>(<[^>]+>|\n|\r)*<IMG[^>]+>(<[^>]+>|\n|\r)*</BODY>

Regular Expression for Message Scoring Only* (bombSuspiciousRe)

Header and Data will be checked for scoring only. For example: unsubscribe

Don't Check Messages from these Addresses* (noBombScript)

Don't detect spam bombs or scripts in messages from these addresses. Accepts specific addresses (user@domain.com), user parts (user) or entire domains (@domain.com).

Do Test Regular Expression (DoTestRe) If activated, each message is checked against the Test Regular Expression below. This provides a way to test regex strings on live mail.

Test Regular Expression* (testRe)


Spam Bomb Error (bombError)

SMTP error message to reject spam bombs. For example: 554 5.7.1 Delivery not authorized, message refused -- send report to mailto:postmaster@mydomain.tld or call +12.34.56.78.90

Add Reason (bombErrorReason) Add matching expression to Spam Bomb Error

Use Black Regular Expression to Identify Spam Strictly (DoBlackRe)

Each incoming message is checked against the BlackRe to Identify Spams. 0 = disabled, 1 = block, 2 = monitor, 3 = score

Use Black Regular Expression to Identify Spam during Bayesian Check (DoBlackReBayesian) If activated, each message is checked against the BlackRe Regular Expression during Bayesian Analysis. Matches will fail Bayesian check. This is a legacy feature.

BlackRe - Regular Expression to Identify Spam Strictly* (blackRe)

If an incoming email matches this Perl regular expression it will be strictly considered spam . For example: penis|virgin|X-Priority

Use Regular Expression to Identify Mobile Scripts (DoScriptRe)

Each message is checked against the Expression to Identify Mobile Scripts. 0 = disabled, 1 = block, 2 = monitor, 3 = score

Regular Expression to Identify Mobile Scripts* (scriptRe)

Spam emails may contain mobile scripting code, eg activex and java. You can use this feature to block those messages. Leave this blank to disable the feature. For example: \<applet|\<embed|\<iframe|\<object|\<script|onmouseover|javascript:

Script Error (scriptError)

SMTP error message to reject scripts. For example: 554 5.7.1 Your email appears to be spam -- send an error report to mailto:postmaster@mydomain.tld or call +12.34.56.78.90

Retrieved from "http://www.asspsmtp.org/wiki/Regex_Filters_/_Spambomb"
These icons link to social bookmarking sites where readers can share and discover new web pages. Blinklist  del.icio.us  digg  Furl  Google  ma.gnolia  Reddit  Slashdot  Spurl  YahooMyWeb 
Personal tools