View Full Version : SpamAssassin/Perl expressions

02-03-2004, 10:15 PM
Anyone suggest a good tutorial on perl pattern matching? I've been trying to set a match for email with subject 'Newest Microsoft Security Patch', but can't get anything other than this to match:

# Trap mail with words in subject
header MS_SP Subject =~ /(Security)/i
describe MS_SP screen words in subject
score MS_SP 10.00

Tried things like

and others. Only simply 'Security' matched. Suggestions?


02-04-2004, 08:05 AM

Those are a couple of internet refrences. Got tons more by using
"perl pattern matching" in google search.

\s Matches a whitespace character (space, tab, newline...)
So it may be you need to use.

/Newest\sMicrosoft\sSecurity\sPatch/ to match the exact phrase.

02-04-2004, 09:01 AM
Thx for the pointers and help. It didn't occur to me that 'perl pattern matching' was specific enuf for Google search. Duh'o.

I'm also trying to upgrade SA and running into the 'old version MakeMaker' problem. WH refuses to upgrade me, says it is my responsibility. I've not yet been able to decipher CPAN or the other references.

Did you manage to get it done? How?


02-04-2004, 10:08 AM
I have not been back to work on the old MakeMaker problem since they supposedly gave us access to modify and upgrade it.

Do you use SSH? That is where you can do CPAN stuff. I'll go back and do some checking and let you know what I come up with.

Also here is one overview of what you do in SSH

02-04-2004, 11:02 AM

If all you want to do is delete mail with that subject, you can use Procmail to do it instead of SpamAssassin:

* ^Subject: Newest Microsoft Security Patch$

Put that in a .procmailrc file in / and chmod it 644. If you are uploading via FTP, upload in ASCII mode.

Apart from that, here's an exceptionally useful SpamAssassin site I came across a few days ago: http://www.exit0.us/ They've got some tests to improve SpamAssassin's accuracy, as well as a few tailored to viruses (and the fake bounces they generate). Let me know if you need help using/configuring them.

Good luck!