So some stupid spammer thought they were real s.m.r.t and decided to make spam with random phone numbers, where the links were to some site that no one cares about..
So I thought I would whip up some fun toys to deal with it... (I guess you could modify them to suit your needs)
So the first spam I got was from some idiot saying I had an eFax message from (of course) some king of some small country with trillions of dollars in gold. It looked a little like this:
Subject: eFax message from "unknown" - 1 page(s), Caller-ID: 1-596-558-5555
Subject: eFax message from "unknown" - 1 page(s), Caller-ID: 1-596-558-6666
Subject: eFax message from "unknown" - 1 page(s), Caller-ID: 1-596-558-7777
Subject: eFax message from "unknown" - 1 page(s), Caller-ID: 1-596-558-8888
Great! .. OK, so why is this junk coming to me?!!?! Well, they probably got my name on some pirated email list, and because they change the subject all the time it's difficult for computers to identify..
solution:
configuration / policy / additional policy
add
rule type : use only message attributes
next
message attributes
add
header
name : Subject (note the capital S)
check off: matches regular expression
value : Caller-ID: 1?\W*([2-9][0-8][0-9])\W*([2-9][0-9]{2})\W*([0-9]{4})(\se?x?t?(\d*))?
apply
next
main action : quarantine
reason : keyword
next
name : lame-spammer rule
activate this rule
apply
result.
This rule matches any email with any set of numbers with the string Caller-ID: X-XXX-XXX-XXXX and quarantines it as a keyword so administrators can look at it (in case of a false positive), but users cannot release it to themselves and click on the link!
Here are some other examples:
INCOMING FAX REPORT : Remote ID: 899-346-8439
Remote ID: \W*([2-9][0-8][0-9])\W*([2-9][0-9]{2})\W*([0-9]{4})(\se?x?t?(\d*))?
Case - 6362782
Case - \W*([1-9])\W*([2-9][0-9]{5})
For more fun with regular expressions see regexpal! Feel free to try these ones out.. you can get as crazy as you like with regular expressions!
full list and regular expression explanations
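Before activating a rule like these, it helps to run the patterns against the sample subjects. The following is an added example, not part of the original post: it checks the three posted patterns against the subjects quoted above and shows that the area-code class `[2-9][0-8][0-9]` rejects a 9 as the middle digit, so the 596 and 899 samples are not caught, while a relaxed variant catches them. Assumptions: Python's `re` stands in for the appliance's regex engine with unanchored matching, the relaxed patterns are not the author's rule, and the legitimate subjects are constructed.

```python
import re

# Patterns exactly as posted on this page (header: Subject).
PAGE_RULES = {
    "caller-id": r"Caller-ID: 1?\W*([2-9][0-8][0-9])\W*([2-9][0-9]{2})\W*([0-9]{4})(\se?x?t?(\d*))?",
    "remote-id": r"Remote ID: \W*([2-9][0-8][0-9])\W*([2-9][0-9]{2})\W*([0-9]{4})(\se?x?t?(\d*))?",
    "case": r"Case - \W*([1-9])\W*([2-9][0-9]{5})",
}

# Assumption (not the author's rule): allow any middle digit in the area code.
RELAXED_RULES = {name: p.replace("[2-9][0-8][0-9]", "[2-9][0-9]{2}")
                 for name, p in PAGE_RULES.items()}

# Spam subjects quoted on this page, keyed by the rule meant to catch them.
SPAM = {
    "caller-id": ['eFax message from "unknown" - 1 page(s), Caller-ID: 1-596-558-%s' % s
                  for s in ("5555", "6666", "7777", "8888")],
    "remote-id": ["INCOMING FAX REPORT : Remote ID: 899-346-8439"],
    "case": ["Case - 6362782"],
}

# Constructed legitimate subjects that must never be quarantined.
HAM = ["Re: meeting notes", "Invoice 2024-0042 attached", "Support Case - 12 update"]


def audit(rules):
    """Return (spam each rule missed, legitimate mail each rule wrongly matched)."""
    compiled = {n: re.compile(p) for n, p in rules.items()}
    missed = {n: [s for s in SPAM[n] if not rx.search(s)] for n, rx in compiled.items()}
    false_pos = {n: [h for h in HAM if rx.search(h)] for n, rx in compiled.items()}
    return missed, false_pos


if __name__ == "__main__":
    for label, rules in (("as posted", PAGE_RULES), ("relaxed", RELAXED_RULES)):
        missed, false_pos = audit(rules)
        for name in rules:
            print(f"{label:9} {name:10} missed={len(missed[name])}/{len(SPAM[name])} "
                  f"false_positives={len(false_pos[name])}")
```

Quarantine-only action keeps a wider pattern reviewable, but rerun the check with real legitimate subjects from your own mail flow before relaxing a rule.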