I noticed that the majority of the spam that my mail server receives has a
subject that is UTF-8 Encoded. I want to deny ALL emails whose Subject
line contains a UTF-8 encoded stuff.
I tried this, but it does not work:
deny hosts = +rbl_hosts
message = UTF-8 not allowed
log_message = UTF-8 not allowed in subject: $h_subject
condition = ${if match\
{${lc:$h_subject:}}\
{\Nutf\-8\N}\
{yes}{no}}
That does not successfully match a UTF-8 encoded subject line.
What's interesting, is if I look at a spam email within my mail reader
(Pine), it looks like this: Subject: [utf-8] Hi again
But the actual text within the /var/spool/mail file actually looks like
this: Subject: =?utf-8?B?SGkgYWdhaW4=?=
So there's some kind of encoding magic happening here that may be making
it difficult for me to filter against UTF-8 messages. Any suggestions?
