ned at unixmail
Jun 29, 2011, 5:21 AM
Post #10 of 10
On 29/06/11 12:50, Henrik K wrote:
> On Wed, Jun 29, 2011 at 01:28:48PM +0300, Henrik K wrote:
>> On Wed, Jun 29, 2011 at 11:02:13AM +0100, Ned Slider wrote:
>>> Hi List,
>>> I see the useful X-Spam-Relays-External pseudo header but what I'd
>>> really like to be able to specifically check is the Last External
>>> header as DNSBL rules are able to do with -lastexternal.
>>> Is there a X-Spam-Relays-Last-External option that I'm missing, and
>>> if not would it be possible to implement such a feature or perhaps
>>> someone can suggest a workaround method?
>>> For example, I'd like to be able to do something like this against
>>> only the last external Received header:
>>> header __RCVD_FROM_SOMEISP X-Spam-Relays-Last-External =~ /someisp\.com/i
>> Example from 20_dynrdns.cf
>> # Note the '^[^\]]+ ' stanza: this ensures that we only match spamware
>> # connecting to a internal relay; if a mail came from a dynamic addr but
>> # was relayed through their smarthost, that's fine.
>> header __LAST_EXTERNAL_RELAY_NO_AUTH X-Spam-Relays-External =~ /^[^\]]+ auth= /
> To prevent further questions..
> header __RCVD_FROM_SOMEISP X-Spam-Relays-External =~ /^[^\]]+ rdns=[^ ]+\.someisp\.com /
> As you see, all the relays are enclosed in [ ..relay1.. ] [ ..relay2.. ] ...
> Thus the stanza will not look further than first ].
Brilliant - thank you very much. Works perfectly.