All,

 

I found a "baddy" which was causing false positives on my RegEx's.  If someone has a cleaner solution, let me know.  The problem was that my expressions were "Open Ended" so to speak.  This meant that the scanning continued on into the body.  I am not sure if this is a "Bug" or not.

My fix is to add  .*\n  to the end of the expressions to make sure the test ends at the end of the Subject line. 

Again ... Please ... Comments.  I am kinda fuzzy at this point ... not enough sleep!

Regards,

Dan S.

I was told to use .* sparingly and only if absolutely needed.  I like using the less-greedy +?.  This will match 1 or more times, but as few instances as possible.  I haven't tried using \n to close off the expression, but it makes sense.

If I wanted to catch =asdflja;lskjf=adsfadf= and nothing after it, I would use ((?i)=.+?=).  Changing the rexeg to ((?i)=.*=) catches not only the first set of equal signs, but if there is any more equal signs in the message, it will catch everyting up till the last equal sign in the message.  Modifying the regex once more to ((?i)=.*=.*\n) is better then .*, but unfortunately it will catch all after the second equal sign.  In this example that is not an issue, but it may be in others.  All in all, I prefer .+? to catch characters that may or may not be in between certain characters or phrases that I am trying to filter on.  I can see where .*\n works, but if not closed properly it can have disasterous results.

BTW: I second the notion for a more closed environment for regex discussions.  It would definitely help us novices get a better understanding of this powerful language used to filter in SF.  I'm not saying that Logsat needs to provide this, but I think maybe someone here may now of a place that is up and running now that maybe we could check out.

All,

Regards,

Dan S.

http://www.invisionpowerboard.com that's the forums i'd suggest. You can also set it up so that you have to be part of a different group just to be able to see a forum, that way you can't just sign up and see everything. I dunno how you will validate who is an actual user and who is a spammer though....

Great idea!

Whoever does it, and however it is done, count me in.  I can offer limited assistance.  Like you, Dan, I also have a full plate at work -- but I offer my efforts to "co-moderate" if needed, if doing so would help to share the workload a little bit and make this possible.  Let me know.

As for the concern about spammers getting in... the approach should be "cautious but not paranoid."  Your idea (Dan) about verifying email addresses with Roberto should provide adequate security, if he's OK with doing this.  There will always be a few spammers who waste their time trying to defeat our efforts, but short of performing a full background check on anyone prior to inviting their participation on this list, there is no practical way to avoid this.  By closing the list and requiring a minimal clearance of this type, most spammers will redirect their efforts to the SpamCop lists or NANAE or other places where they can learn about anti-spam efforts (and how to defeat them) without the cost or effort of getting an "invitation."

Thanks for your efforts.  Let me know if I can be of assistance.

As I have already stated my support for a forum like this, let me add that even though having Logsat verify the users, it would be easy to join the forum. Please note that $400.00 is a low price to pay for a determined spammer that wants to try to defeat the RegEx strings that are developed through the forum.

Not to sound paranoid or anything. :-)