You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by san <sa...@gmail.com> on 2006/12/18 19:41:40 UTC

Gif attachment spam

Hi,
Iam getting lot of spams with .Gif attachment. will the follwing rule will
be able to catch such spam, when i tried its not pulling up anything sort
of, can anybody correct is this rule is correct to catch gif spam. 
http://www.nabble.com/file/4866/s.gif 
body     GIF_ATTACH   /name=\"?[0-9a-z._\-]{3,18}\.gif\"?/i
Score    GIF_ATTACH	5.0
describe GIF_ATTACH	describes gif attachment
-- 
View this message in context: http://www.nabble.com/Gif-attachment-spam-tf2841594.html#a7934106
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: Gif attachment spam

Posted by Theo Van Dinter <fe...@apache.org>.

On Mon, Dec 18, 2006 at 10:41:40AM -0800, san wrote:
> Iam getting lot of spams with .Gif attachment. will the follwing rule will
> be able to catch such spam, when i tried its not pulling up anything sort
> of, can anybody correct is this rule is correct to catch gif spam. 

No, it won't work.

> body     GIF_ATTACH   /name=\"?[0-9a-z._\-]{3,18}\.gif\"?/i

MIME headers aren't part of the "body" as far as SA is concerned.  There are
already a number of rules to deal with this stuff available via sa-update.  If
you want to roll your own, look at the MIMEHeader plugin.

-- 
Randomly Selected Tagline:
A few cans short of a six pack, Six short.