You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jh...@apache.org on 2016/01/05 21:48:36 UTC
svn commit: r1723161 -
/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Author: jhardin
Date: Tue Jan 5 20:48:36 2016
New Revision: 1723161
URL: http://svn.apache.org/viewvc?rev=1723161&view=rev
Log:
fix URI_MALWARE_CWALL FP
Modified:
spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=1723161&r1=1723160&r2=1723161&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Tue Jan 5 20:48:36 2016
@@ -2036,7 +2036,7 @@ endif
#header __RECIP_IN_ENV_FM_02 Received =~ /for\s+<([^\@]+)\@([^>]+)>.*envelope-from\s+[^@]*\2[^@]*\@/i
-uri URI_MALWARE_CWALL /\/abuse_report\.php\?/i
+uri URI_MALWARE_CWALL /\/abuse_report\.php\?(?!username=)[^&\s.]{1,100}\./i
describe URI_MALWARE_CWALL Potential CryptoWall malware URL