Created on 06-16-2008 08:30 AM
[link]https://www.secure-it.be[/link]
Hi all, does anyone know how to match Unicode characters with regular expression in Antispam Banned Words? For example say I want to match the registered sign ® followed by " some text" in the subject of incoming mail: I tried the following patterns; /.*® some text/i /.*some text/i but it appears that a mail subject containing the ® character bypass the antispam filter. If I remove che ® from the test mail the second pattern block it. Pattern with the Perl pattern \u00AE is not accepted by Fortigate GUI. Any suggestion?Thanks Marco --------------------------------------------- Fortigate FGT200 2.8 build 489[size=1][/size][size=4][/size]
zaskarThanks --------------------------------------------- Marco Scala Fortigate-200 2.80,build489,051027
Created on 06-25-2009 10:45 AM
regards
/ Abel
Created on 06-26-2009 07:55 AM
Well my AS logs don' t say much. I can only see a log entry for when a message is determined to be spam... it doesn' t show results of the scanning process or anything.we´ll expect to see something like " The email contains banned word(s).(regexp expression, etc) under " Message" column Re-check you relevant SMTP traffic profile for enabling antispam logging
What does the .\w+ do? Is that roughly the equivalent to a wild card?\w stands for a word [A-Za-z0-9_] (alphanumeric characters plus " _" ) and + stands for matching the preceding element one or more times
regards
/ Abel
Created on 06-26-2009 01:33 PM
we´ll expect to see something like " The email contains banned word(s).(regexp expression, etc) under " Message" columnI do see those in the log. Not nearly as often and I expect that I should see them when considering how many of these messages have been getting through. I read your other post in the other thread I created... I shouldn' t have double posted this. I have a number of Regexs that all have a score of 5 and the threshold is 8. I do have emails getting blocked so somehow they must be cumulative. My thinking is that it' s not cumulative from the number of reoccurences of one expression... but that there is a cumulative score between the occurences of different expressions. So in my messages, if any two regex' s occur in the same message it should get blocked. I could be wrong but that' s how I figured it.
\w stands for a word [A-Za-z0-9_] (alphanumeric characters plus " _" ) and + stands for matching the preceding element one or more timesThat' s good to know. That will come in handy.
Created on 07-10-2009 12:40 PM
/https?://.\w+\.\w+\.cn/iI tried this and it started blocking almost every URL under the sun. Then I realized that I had to use this: /https?:\/\/\w+\.\w+\.cn/i This allows the backslashes to be seen literally and not as a function. Plus I think that the first dot might have been a mistake. Not sure on that. I haven' t tested this yet but I am going to.
Created on 07-10-2009 12:52 PM
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.