0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp 0 0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp

0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp

10000 500000 yes Allow all email from these addresses (outbound mailing lists) all clubgayday@gayday\.com Secret phrase to force email to be accepted unconditionally. Any email containing one of these phrases will be accepted.

all

all abcd---ACCEPT---wxyz Allow all email from these addresses (used to allow certain email from known respectful mailers, especially those whose email might otherwise get rejected because of content); open for abuse since these addresses could be forged, don't use indiscriminately all @[-A-Za-z0-9_]+\.avsforum\.com @badpuppy\.com @badpuppymag\.com @canamsatellites\.com @capitaloneauto\.com @([-A-Za-z0-9_]+\.){0,}att\.com @commerceonline\.com @dell\.com @([-A-Za-z0-9_]+\.){0,}delta\.com @directnic\.com @([-A-Za-z0-9_]+\.){0,}elecard\.net\.ru @freessl\.com @godaddy\.com @icewarp\.com @jblair\.com @officialticketcenter\.com service@paypal\.com @paypal\.com @pwebtech\.com @solweb\.com @supportwebsite\.com @tivo\.com briancbottorff@aol\.com bbottorff@biltmorecomm\.com reunionpartyinfo@aol\.com maxflightcorp@aol\.com Allow all email from these addresses (can be used to effectively disable filtering to specific users/domains, though the index is a better way to do this all Whitelist based on these expressions being in the body of an email all 0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp 0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp

0 c:\regexflt\accepted\{yyyy}-{mm}\{smtp:rcpt_to_domain}\{smtp:rcpt_to_mailbox}\{source:filename}{smtp:recipient_id}.txt c:\regexflt\accepted\{yyyy}-{mm}\log.txt c:\Program Files\Merak\mail\2150.com\rejectedmail\RegEx Accepted\{source:filename}{smtp:recipient_id}.imap http://localhost/2150/regexflt_test.asp

1000 10000 yes Exclude subject lines with a date at the end or with "order"/"confirm"/"reservation" in them to catch online orders and reservations that append an order # that otherwise would flag immediately as SPAM.

all

^subject:.+\bv[iI1]agra\b ^from:.+advize ^subject:.+debt ^subject:.+20(03\|04\|05\|06\|07\|08\|09\|10\|11\|12)$ ^subject:.+\byou can order\b ^subject:.+\bdiet ^subject:.+\bdrugs ^subject:.+\blog +in ^subject:.+\bmedication ^subject:.+\bmeds ^subject:.+\boffer +confirmation ^subject:.+\border +approved ^subject:.+pen[iIl1]s ^subject:.+p[oO0]rn[oO0] ^subject:.+\bv[iI1]rg[iI1]n ^subject:.+\bwaiting +on +your ^subject:.+\bwe +want ^subject:.+\bxanax ^subject:.+\byou +can +order ^subject:.+\border\b ^subject:.+\byour +information ^subject:.+\bas +seen +on ^subject:.+\bconfirm ^subject:.+\breservation ^subject:.+priceline.+request ^subject:.+\bshipment