You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@spamassassin.apache.org by jh...@apache.org on 2016/01/05 21:48:36 UTC

svn commit: r1723161 - /spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Author: jhardin
Date: Tue Jan  5 20:48:36 2016
New Revision: 1723161

URL: http://svn.apache.org/viewvc?rev=1723161&view=rev
Log:
fix URI_MALWARE_CWALL FP

Modified:
    spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf

Modified: spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf
URL: http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf?rev=1723161&r1=1723160&r2=1723161&view=diff
==============================================================================
--- spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf (original)
+++ spamassassin/trunk/rulesrc/sandbox/jhardin/20_misc_testing.cf Tue Jan  5 20:48:36 2016
@@ -2036,7 +2036,7 @@ endif
 #header    __RECIP_IN_ENV_FM_02          Received =~ /for\s+<([^\@]+)\@([^>]+)>.*envelope-from\s+[^@]*\2[^@]*\@/i
 
 
-uri        URI_MALWARE_CWALL            /\/abuse_report\.php\?/i
+uri        URI_MALWARE_CWALL            /\/abuse_report\.php\?(?!username=)[^&\s.]{1,100}\./i
 describe   URI_MALWARE_CWALL            Potential CryptoWall malware URL