Rule rule_id; regex error error_string (error_number) for header "header"
|Article:HOWTO77168|||||Created: 2012-06-18|||||Updated: 2013-02-08|||||Article URL http://www.symantec.com/docs/HOWTO77168|
Error code: 29001
Error text: Rule rule_id; regex error error_string (error_number) for header "header"
Where rule_id is the rule number where the problem occurred. The error_string is a brief description of the problem encountered. The header is the message header where the problem occurred.
Affected module: brightmail_engine
Product version: Symantec Messaging Gateway 9.5 and later versions
Legacy error in logs following an upgrade from version 7.7 or earlier
An attempt to apply a regular expression based rule to a specific message header failed based on specific characteristics of a given message header
In Symantec Brightmail Gateway version 7.7 and earlier, this error could fire if a given regular expression based rule was being evaluated against message headers with certain non-rfc compliant content. The evaluation of a given regular expression based rule against the specific header would not contribute to a spam verdict - returning this error instead.
This particular evaluation method is no longer used in the Symantec Brightmail Gateway after version 7.7, however, it can show up in your logs following an upgrade for some time - based on your log retention settings. This error can not occur in versions of the product after version 7.7.
Ignore the error.
This is a legacy error, that could only occur for a previous version of the software. The fact that you have the "more information" link in your control center log display indicates that you have already upgraded your installation beyond a level at which this error should occur.
The following is an example of the error message as it appears in the bmserver_log:
Rule 905549; regex error backtrack stack overflow: expression generates too many alternatives (18) for header "Subject: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Your Report"
Article URL http://www.symantec.com/docs/HOWTO77168