CastleCops, Internet Crime Fighters
Wildcard Expressions vs. Regular Expressions
Walt

Sergeant
Sergeant


Joined: Mar 15, 2003
Posts: 91
Location: USA

PostPosted: Sat Nov 29, 2003 2:31 pm    Post subject: Wildcard Expressions vs. Regular Expressions

I notice that within the Filter Sidebar, the Friends List and the Blacklist both use wildcard expressions but the Filters use regular expressions for text string pattern matching.

It would be sure nice if everything in the Filter Sidebar used the same form and format for string expressions. By this, I mean focus in onto the more powerful of the two, and go with simply Regular Expressions for everything.

Am I the only one who likes consistency and would support such a suggestion?

AlphaCentauri

SIRT Handler
Premium Member

Joined: Nov 20, 2003
Posts: 2705

Premium

PostPosted: Sat Nov 29, 2003 8:56 pm    Post subject:

I agree. It makes it harder to learn the more powerful expressions if they don't work or aren't the same for both.

stan_qaz

Premium Member


Joined: Mar 31, 2003
Posts: 10612

Premium

PostPosted: Sat Nov 29, 2003 9:22 pm    Post subject:

Probably overkill for the black and friends lists, a couple *'s are a lot easier to deal with than regex.

What type of expression could you add to the blacklist that you can't add as a filter?


_________________
Questions? Try the wiki
http://wiki.castlecops.com/MailWasher_Pro
Walt

Sergeant
Sergeant


Joined: Mar 15, 2003
Posts: 91
Location: USA

PostPosted: Sat Nov 29, 2003 9:39 pm    Post subject:

Well, I was trying to be fancy, and write a single blacklist entry which will tag all foreign (to the USA) domains.

Some examples would be:
spamer@aol.com.mx
junk@hotmail.com.ru
porn@free.cm.fi


I could write a regular expression which will look for exactly two characters following a second dot after the at-sign. Can that be done with wildcards and be certain it would not trap something like mom@home.us ??

Also, now that I had to learn Regular Expressions, I want to use them. Wink

stan_qaz

Premium Member


Joined: Mar 31, 2003
Posts: 10612

Premium

PostPosted: Sat Nov 29, 2003 10:22 pm    Post subject:

Maybe *.?? would if you added *.us to the friends list but that would tag too many domains friendly.

Why don't you just use the filter function for this? Gary has one that looks to fit the bill, second from the end of the list and he has the country codes a bit farther down so you can customize it to fit your needs if you aren't a US resident.

http://www.w5hq.com/MailWasher/MailWasherFilters.txt

The blacklist has a place but complex filtering isn't what it was intended for.


_________________
Questions? Try the wiki
http://wiki.castlecops.com/MailWasher_Pro
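
Walt's question and the `*.??` wildcard from the reply above, as an added example that is not part of the original thread. It assumes MailWasher's wildcards behave like shell globs (`*` for any run, `?` for one character) and that Python's `re` reads the pattern the same way MailWasher's regex engine would; the names `CC_AFTER_SECOND_DOT`, `wildcard_hit`, `regex_hit` and `compare` are hypothetical.

```python
import re
from fnmatch import fnmatchcase

# Wildcard suggested in the thread. Assumed semantics: * = any run, ? = one character.
WILDCARD = "*.??"

# Walt's rule: exactly two letters after the second dot that follows the at-sign.
CC_AFTER_SECOND_DOT = re.compile(r"@[^@.]+\.[^@.]+\.[a-z]{2}$", re.IGNORECASE)


def wildcard_hit(address: str) -> bool:
    return fnmatchcase(address.lower(), WILDCARD)


def regex_hit(address: str) -> bool:
    return CC_AFTER_SECOND_DOT.search(address) is not None


def compare(addresses):
    """Map each address to (wildcard result, regex result)."""
    return {a: (wildcard_hit(a), regex_hit(a)) for a in addresses}


# The first four addresses are from Walt's post; the last two are constructed.
SAMPLES = [
    "spamer@aol.com.mx",
    "junk@hotmail.com.ru",
    "porn@free.cm.fi",
    "mom@home.us",
    "friend@example.com",
    "kin@example.de",
]

if __name__ == "__main__":
    for addr, (wild, rx) in compare(SAMPLES).items():
        print(f"{addr:22} wildcard={wild!s:5} regex={rx}")
```

The wildcard tags mom@home.us along with the three sample addresses, while the regex leaves it alone; the regex also skips any country-code address with only one dot after the at-sign, such as the constructed kin@example.de.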
Ikeb

Special Response Team
Forums Admin

Joined: Apr 20, 2003
Posts: 16509

Forums Admin Moderators MVP Premium SRT Team CC Committee Team F@H

PostPosted: Sun Nov 30, 2003 7:59 am    Post subject:

Walt wrote:
Well, I was trying to be fancy, and write a single blacklist entry which will tag all foreign (to the USA) domains.

You .. you .... ISOLATIONIST! Surprised

Walt wrote:
I could write a regular expression which will look for exactly two characters following a second dot after the at-sign. Can that be done with wildcards and be certain it would not trap something like mom@home.us ??

Yeah. And exactly how does one filter out Texans? Razz

Walt wrote:
Also, now that I had to learn Regular Expressions, I want to use them. Wink

Sure. Show them how it's done then they turn around and use it against you! Rolling Eyes

Perry

Lieutenant
Lieutenant


Joined: Oct 19, 2003
Posts: 291
Location: USA

PostPosted: Sun Nov 30, 2003 8:07 am    Post subject:

Ikeb wrote:

Yeah. And exactly how does one filter out Texans? Razz



I'm thinking that you may be able to come close based on address. The question is how do you filter them out of your state or out of the White House?

Perry

denn988

Guest
IP: 66.44.*.*






PostPosted: Tue Dec 02, 2003 3:25 am    Post subject:

Ikeb wrote:

Yeah. And exactly how does one filter out Texans?


You use the same filter that you would use to filter out Canadians....but you just hold it lower....

As far as filtering out foreign addresses, here is one that filters out most e-mail that originated from foreign sources. This is not based on sender address, but originating IP address.

This filter looks for any IP address in the 'Received:' lines in the header that is associated with Europe (RIPE), Asia-Pacific (APNIC), and Latin America (LACNIC).

Code:

[enabled],FOREIGN,FOREIGN,16711808,AND,Delete,EntireHeader,containsRE,"(?#   list of IP blocks assigned to RIPE - must be updated as required   )^Received: from [^[]*?\[(62|8[0-4]|19[345]|21[237])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to APNIC - must be updated as required   )^Received: from [^[]*?\[(6[01]|20[23]|21[01]|21[89]|22[0-2])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to LACNIC - must be updated as required   )^Received: from [^[]*?\[20[01](\.[1-2]?\d?\d?){3}\]"


Note:

The above filter has been updated to be current as of this month. To check for future updates as required, see the following IANA link.


Also...

IANA RESERVED should be updated as follows:

Code:

[enabled],"IANA RESERVED [AD]","IANA RESERVED [AD]",180,AND,Delete,TakesPrecedence,Automatic,EntireHeader,containsRE,"(?#   list of IP blocks reserved by IANA -  must be updated as required   )^Received: from [^[]*?\[([1257]|2[37]|3[1679]|4[129]|5[089]|7\d|8[5-9]|9\d|1[01]\d|12[0-6]|17[3-9]|18[0-79]|19[07]|22[3-9]|2[34]\d|25[0-5])(\.[1-2]?\d?\d?){3}\][^;:]*?"



NOTES:

This change reflects the assignment of blocks 83 and 84 to RIPE. They had previously been IANA RESERVED.

This version of IANA RESERVED is set to AUTO-DELETE. While I have no problems using AUTO-DELETE for anything that contains obviously forged 'Received:' lines in the header, someone else might not want to do that. If you do not wish to AUTO-DELETE you will have to change that function in the filter after installing.
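
The three FOREIGN patterns above run over sample headers, as an added example that is not part of the original post. It assumes Python's `re` reads the patterns as MailWasher would and that `containsRE` on `EntireHeader` treats `^` as the start of any header line (hence `re.MULTILINE`); how MailWasher combines the three conditions is not modelled, and `registries_hit` and the sample headers are hypothetical.

```python
import re

# Pieces of denn988's FOREIGN filter; the (?# ...) comments are dropped.
HEAD = r"^Received: from [^[]*?\["
TAIL = r"(\.[1-2]?\d?\d?){3}\]"
FIRST_OCTETS = {  # first-octet lists exactly as posted in December 2003
    "RIPE": r"(62|8[0-4]|19[345]|21[237])",
    "APNIC": r"(6[01]|20[23]|21[01]|21[89]|22[0-2])",
    "LACNIC": r"20[01]",
}
# Assumption: ^ matches at the start of every header line, not only the first.
PATTERNS = {name: re.compile(HEAD + octets + TAIL, re.MULTILINE)
            for name, octets in FIRST_OCTETS.items()}


def registries_hit(header: str) -> set:
    """Names of the registry patterns that match somewhere in the header."""
    return {name for name, rx in PATTERNS.items() if rx.search(header)}


# Constructed headers, not taken from real mail.
DIRECT = ("Received: from relay.example.com (relay.example.com [192.0.2.1])\n"
          "\tby mx.example.org; Tue, 2 Dec 2003 03:25:00 +0000\n")
# An earlier hop further down the header is enough to trigger a pattern.
RELAYED = (DIRECT +
           "Received: from host.example.net (unknown [203.0.113.7])\n"
           "\tby relay.example.com; Tue, 2 Dec 2003 03:24:58 +0000\n")
RIPE_HOP = ("Received: from mail.example.net (mail.example.net [62.0.2.10])\n"
            "\tby mx.example.org; Tue, 2 Dec 2003 03:25:00 +0000\n")
# Address in parentheses with no square brackets: the patterns never see it.
PARENS = ("Received: from news.example.net (217.0.2.3)\n"
          "\tby mx.example.org; Tue, 2 Dec 2003 03:25:00 +0000\n")

if __name__ == "__main__":
    for label, hdr in [("DIRECT", DIRECT), ("RELAYED", RELAYED),
                       ("RIPE_HOP", RIPE_HOP), ("PARENS", PARENS)]:
        print(f"{label:9} {sorted(registries_hit(hdr))}")
```

Each pattern tests only the first square-bracketed address after a `Received: from`, so whether a hop is seen depends on how the receiving server writes its header lines.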

IP: 68.51.*.*

Guest






PostPosted: Tue Dec 02, 2003 4:05 am    Post subject:

Thanks for that, denn988. My experience with the internet hasn't expanded to where I understand the workings of (RIPE), (APNIC), (LACNIC), but your posting makes me want to look into it. I know there are other threads on the subject. As it is now I would be held prisoner until someone else updated the filters for me.

It would be cool if there were just a forum for MailWasher Filter threads and that way every past posting could be in one area under one roof. Not to be done I know but it would help.

Perry wrote:

The question is how do you filter them out of your state or out of the White House?


I was very happy with my vote in 2000. Better than the Tennessee alternative. Thank you very much.

IP: 68.51.*.*

Guest






PostPosted: Tue Dec 02, 2003 4:38 am    Post subject:

Anonymous wrote:

It would be cool if there were just a forum for MailWasher Filter threads and that way every past posting could be in one area under one roof.


Of course if I put "filter" in the search box and zero in on the MailWasher forums there they are; all posts under one roof. Thumbs Up

Ikeb

Special Response Team
Forums Admin

Joined: Apr 20, 2003
Posts: 16509

Forums Admin Moderators MVP Premium SRT Team CC Committee Team F@H

PostPosted: Tue Dec 02, 2003 6:56 am    Post subject:

denn988 wrote:
Ikeb wrote:

Yeah. And exactly how does one filter out Texans?


You use the same filter that you would use to filter out Canadians....but you just hold it lower....

Rolling on the floor laughing... Actually it would have to be held higher. Wink

denn988 wrote:
As far as filtering out foreign addresses, here is one that filters out most e-mail that originated from foreign sources. This is not based on sender address, but originating IP address.

This filter looks for any IP address in the 'Received:' lines in the header that is associated with Europe (RIPE), Asia-Pacific (APNIC), and Latin America (LACNIC).

Code:

[enabled],FOREIGN,FOREIGN,16711808,AND,Delete,EntireHeader,containsRE,"(?#   list of IP blocks assigned to RIPE - must be updated as required   )^Received: from [^[]*?\[(62|8[0-4]|19[345]|21[237])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to APNIC - must be updated as required   )^Received: from [^[]*?\[(6[01]|20[23]|21[01]|21[89]|22[0-2])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to LACNIC - must be updated as required   )^Received: from [^[]*?\[20[01](\.[1-2]?\d?\d?){3}\]"


You might want to consider adding another rule:
Code:
EntireHeader,doesn'tContain,"(?# excludes newsletters from FireStorm) Received: from sunshine.element5.com (217.65.128.203)"

Wink

Perry

Lieutenant
Lieutenant


Joined: Oct 19, 2003
Posts: 291
Location: USA

PostPosted: Tue Dec 02, 2003 8:39 am    Post subject:

Anonymous wrote:
Thanks for that, denn988. My experience with the internet hasn't expanded to where I understand the workings of (RIPE), (APNIC), (LACNIC), but your posting makes me want to look into it. I know there are other threads on the subject. As it is now I would be held prisoner until someone else updated the filters for me.

It would be cool if there were just a forum for MailWasher Filter threads and that way every past posting could be in one area under one roof. Not to be done I know but it would help.

Perry wrote:

The question is how do you filter them out of your state or out of the White House?


I was very happy with my vote in 2000. Better than the Tennessee alternative. Thank you very much.


By a negative million.

Perry

IP: 192.19.*.*

Guest






PostPosted: Tue Dec 02, 2003 12:59 pm    Post subject:

denn988 wrote:

Code:

[enabled],FOREIGN,FOREIGN,16711808,AND,Delete,EntireHeader,containsRE,"(?#   list of IP blocks assigned to RIPE - must be updated as required   )^Received: from [^[]*?\[(62|8[0-4]|19[345]|21[237])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to APNIC - must be updated as required   )^Received: from [^[]*?\[(6[01]|20[23]|21[01]|21[89]|22[0-2])(\.[1-2]?\d?\d?){3}\]",EntireHeader,containsRE,"(?#   list of IP blocks assigned to LACNIC - must be updated as required   )^Received: from [^[]*?\[20[01](\.[1-2]?\d?\d?){3}\]"




Could someone please "translate" this into what I need to enter into the menu provided by MW Pro for filters? I mean, I am unsure what tokens like "FOREIGN, FOREIGN", "16711808" , "AND" are intended to be.

Ikeb

Special Response Team
Forums Admin

Joined: Apr 20, 2003
Posts: 16509

Forums Admin Moderators MVP Premium SRT Team CC Committee Team F@H

PostPosted: Tue Dec 02, 2003 1:38 pm    Post subject:

Just close MWP, add this to filters.txt, save the file, and reopen MWP.

stan_qaz

Premium Member


Joined: Mar 31, 2003
Posts: 10612

Premium

PostPosted: Tue Dec 02, 2003 5:29 pm    Post subject:

I can't begin to translate it but if you browse or search the filter threads you will find links to websites that might help if you do want to understand.


_________________
Questions? Try the wiki
http://wiki.castlecops.com/MailWasher_Pro