This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Pop3 Spam Filtering Expression help

I need some help from somebody who actually understands this stuff. . .which would not be me!!  [:(]

I'm trying to figure out how to put expressions into the POP3 proxy expression filter, and the documentation on that point in either the manual or the online help seems to assume the reader knows a lot more than I do.  One or two sample expressions would REALLY help!  Can anyone offer an example expression, perhaps, for one or both of the following conditions:

1)  I want to delete any email that contains too many repetitions of the same character l*i*k*e*t*h*i*s in the subject line.  As we all know, that character can be a space, period, colon, almost any punctuation.

2)  I'd like to reject (or at least tag) any email that contains the word "unsubscribe" in the message body.

Of course, far more ideally, would be if the level of filtering that is described for the SMTP proxy would be made available to those of us who use externally-hosted POP3 accounts. . .but I guess maybe that's hoping for too much. . . [:(]

Anyway, TIA for any ideas/samples.

Dan

This thread was automatically locked due to age.

0 Simon Shaw over 22 years ago

There are some regular expression tutorials on the net. Try googling for "regular expression tutorial".

I agree though, the ASL manual could use a number of example expressions, say 5 or so, covering a few different filters. Gert seems to think it's all in the manual but I have found it is NOT clear at all. Some indications of the filters used seem to imply a non-regular expression filter, such as *@blah.com which doesn't appear to conform to the tutorials I've seen on the net.

I've got the greatest respect for Gert but we *could* use some more examples here...
Cancel
Vote Up 0 Vote Down

Cancel
0 martindw over 22 years ago in reply to Simon Shaw

There's a link in the ASL online help to "regular expressions" as well.  This ain't enough!  As an example of my questions:

Does the expression need to be a complete "if this expression is matched then do that to it" or is only the expression describing the condition to be matched, all that gets entered?  To put it in the language of a program I do know, one could use a BASIC expression:

If X in [1 to 5] then print "Y"

Assuming, which I know isn't true, that ASL's filter was using BASIC expressions, just what do I enter in the box?  The whole expression above, or merely the parameter part "X in [1 to 5]" ???

Does this make my question any clearer?

If the ASL documentation actually bothered to explain a little of how the engine does its thing, I wouldn't have to ask this, but it's not anywhere I can find it. . .

Dan
Cancel
Vote Up 0 Vote Down

Cancel

0 kr8 over 22 years ago in reply to martindw

Code:



OK Dan,

We meet again... you do post some interesting stuff. :-)

Right, lets see if I can help you...

Lets assume that Astaro are using some regex filter that understands egrep syntax.

Adding this to your "Expression Filter" should have the following behaviour

	Filter Expression: (\*[a-z*]?){2}?

Behaviour,

	PATTERN		RESULT
	------------------------
	*		NO MATCH
	**		MATCH
	a		NO MATCH
	ab		NO MATCH
	abc		NO MATCH
	a*		NO MATCH
	a*b		NO MATCH
	a*b*		MATCH
	*a		NO MATCH
	*a*		MATCH

and thus multiples of each MATCH line... extrapolate as you wish...

Further the {2} is the threshold, ie. 2 or more pattern repeats will match. It is this
number you will change to decrease the sensitivity, if you will.


In order to catch A-Z and 0-9 combinations of A*B* and 1*2* etc change the above to,

	Filter Expression: (\*[a-zA-Z0-9*]?){2}
?


In order to catch other separators than * etc change the above to,

	Filter Expression: (\*[a-zA-Z0-9*+:]?){2}[*+:]?


NOTE:
	In basic regular expressions the metacharacters ?, +, {, |, (, and ) lose their
	special	meaning; instead use the backslashed versions \?, \+, \{, \|, \(, and \).

	Traditional  egrep  did  not support the { metacharacter, and some egrep
	implementations support \{ instead, so portable scripts should avoid { in egrep
	patterns and should use [{] to match a literal {.

For this reason you will see that the + is not escaped, so if you want to increase the
scope of the separator just be sure to escape those characters mentioned above.
Otherwise you will get - at present - unexpected results and potentially syntax errors.
Effectively resulting in a broken filter expression.

I have verified the behaviour on the commandline with the first expression, I do not have
a registered version so cannot confirm the results or functionallity of the Expression Filter
of ASL. As you will notice from the second paragraph of the NOTE: above your mileage may
vary depending on the regex implementation behind the scenes.

To test on the commandline simply apply the above filter expression in the following way,

	echo '' | egrep '(\*[a-z*]?){2}
?'

Note that this is a filter to match only the combinations above, I add this simply to
help you understand how the filter works - and how easily you can break it if you
modify the filter. :-)

If you want to get some more skill with regex can recommend at least one book, and I would
say the only book you would ever need on learning and using regular expressions.

	Mastering Regular Expressions - Jeffry E F Friedl [ISBN 1-56592-257-3]

I'm pretty sure you will find a reseller on this page - http://www.noamazon.com/


Good luck and may the formula be with you...


Cheers,
kr8

PS. I'm no master btw, only a lowly student to the master Master Friedl. ;-)
PPS. I just tried it with : and it seems to be completely broke, for * it's ok though. I'll
try to get it to work a bit longer, but if not I guess you'll be buying a book soon. :-)