You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by bi...@apache.org on 2022/06/13 18:10:09 UTC

svn commit: r1901885 - /spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf

Author: billcole
Date: Mon Jun 13 18:10:09 2022
New Revision: 1901885

URL: http://svn.apache.org/viewvc?rev=1901885&view=rev
Log:
New MID pattern rule, tests very well on private B2B system.

Modified:
    spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf

Modified: spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf?rev=1901885&r1=1901884&r2=1901885&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/billcole/80_test.cf Mon Jun 13 18:10:09 2022
@@ -79,6 +79,11 @@ body	 SCC_CANSPAM_1		/The advertiser doe
 describe SCC_CANSPAM_2		Interesting compliance language
 body	 SCC_CANSPAM_2		/you may unsubscribe by clicking here or by writing to/
 
+# 1-3 are antique and stale. This sha256@sha256.*.co pattern is fresh in 2022
+describe SCC_SPAMMERMID4        Distinctive Message-Id
+header   SCC_SPAMMERMID4        Message-ID =~ /<[-_a-zA-Z0-9.]{43}\.[-_a-zA-Z0-9.]{43}\@[-a-z0-9]{4,30}\.co>/
+score    SCC_SPAMMERMID4        1
+
 # TESTING a few domains that are in our "suspicious" list but are known to have some good senders
 describe T_SCC_TLD_ONLINE From domain in *.online 
 header   T_SCC_TLD_ONLINE From =~ /<[^ @]+@[^ @>]+\.online>/