On Tue, 6 May 2008, mhildebr wrote:

> Is there a way to have Spamassassin look for spoofed email addresses being
> used as the sender's address (myname@mydomain.com) but using a different
> user name (Viagra instead of myname)? It seems like it would be simple to
> check the user name and filter results from that. Thanks for any help.


Bad idea. My name can be easily and legitimately displayed in dozens
of different ways, without even considering typos:

Chris St. Pierre
Chris St Pierre
Chris St-Pierre
Chris Saint Pierre
Chris Saint-Pierre
Christopher St. Pierre
....
Christopher A. St. Pierre
....
Chris A. St. Pierre
....

And so on and so forth. And if someone accidentally mistypes my name,
suddenly I'm Chirs St. Pierre or something like that, and your filter
blocks the message.

A better idea would be to just let Bayes do its thing and notice the
token -- in this case, 'Viagra' -- and score accordingly.

Or, you can manually list out the various spellings of each users'
name, and then come up with a fancy algorithm to route around
misspellings, perhaps using something like Levenshtein distance to
figure out how egregiously misspelled a name is. It'll be way more
work than it's worth, but if that's what tickles you, go for it.

Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University