--On Friday, March 19, 2004 11:11 am +0000 "Alan J. Flavell"
<a.flavell@???> wrote:
>
> On Fri, 19 Mar 2004, Ian A B Eiloart wrote:
>
>> > deny condition = ${if match{$h_X-Priority:}{3}{yes}{no}}
>> > condition = ${if match{$message_body}{<OBJECT
>> > STYLE=\"display:none\" *\
>> > DATA=\"http:\/\/[0-9\.]+:81\/[0-9]+\.php\">} {yes} {no}}
>>
>> Is that right?
>
> Looks fine to me.
>
>> Isn't this going to look for an IP address with a trailing dot,
>
> No.
>
> There's a pcretest utility. Might one suggest you use it before
> posting about regexes?
>
OK, thanks. I wasn't aware of that - I'll take a look.
The more imoportant point, though, is that the bagle virus may use other
ports. Another post suggested that sometimes no port is specified.
--
Ian Eiloart
Servers Team
Sussex University ITS