From 1dcb031f3226341bffe19fd06b707d1a0e267edb Mon Sep 17 00:00:00 2001
From: Giovanni <g.bechis@snb.it>
Date: Fri, 24 Oct 2025 18:27:12 +0200
Subject: [PATCH 1/2] do not match on 123-123_1234 phone numbers

---
 rulesrc/sandbox/fkento/20_phone_numbers.cf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rulesrc/sandbox/fkento/20_phone_numbers.cf b/rulesrc/sandbox/fkento/20_phone_numbers.cf
index 156b1654dd..10c4cd8083 100644
--- a/rulesrc/sandbox/fkento/20_phone_numbers.cf
+++ b/rulesrc/sandbox/fkento/20_phone_numbers.cf
@@ -6,7 +6,7 @@ body          __MXG_HAS_PHONE05  /\+1([\W_]*[0-9]){10}(?![\W_]*[0-9])/
 meta          __MXG_HAS_PHONE  __MXG_HAS_PHONE01 || __MXG_HAS_PHONE02 || __MXG_HAS_PHONE03 || __MXG_HAS_PHONE04 || __MXG_HAS_PHONE05
 describe      __MXG_HAS_PHONE  Has a phone number
 
-body          __MXG_PHONE_OBFU  /(?!(1\W*)?\d{3}\W+\d{3}\W+\d{4})\b([1I][^a-zA-Z0-9]*)?[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{4}\b/
+body          __MXG_PHONE_OBFU  /(?!(1\W*)?\d{3}\W+\d{3}[a-zA-Z0-9-_]+\d{4})\b([1I][^a-zA-Z0-9]*)?[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{4}\b/
 describe      __MXG_PHONE_OBFU  Has an obfuscated phone number
 
 meta          MXG_PHONE_OBFU_ONLY  __MXG_PHONE_OBFU && !__MXG_HAS_PHONE
@@ -14,4 +14,4 @@ score         MXG_PHONE_OBFU_ONLY  0.1
 describe      MXG_PHONE_OBFU_ONLY  Obfuscated phone number only
 
 # Deprecated - Don't use
-body         __MXG_PHONE_OBFU01  /\b[1I]?[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{4}\b/
\ No newline at end of file
+body         __MXG_PHONE_OBFU01  /\b[1I]?[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{4}\b/

From ec4bd6eb36160a25c91ce9b0110f98bf8d404169 Mon Sep 17 00:00:00 2001
From: Giovanni <g.bechis@snb.it>
Date: Mon, 27 Oct 2025 08:45:09 +0100
Subject: [PATCH 2/2] change \W to [^a-zA-Z0-9] use bounded repetition counts

---
 rulesrc/sandbox/fkento/20_phone_numbers.cf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rulesrc/sandbox/fkento/20_phone_numbers.cf b/rulesrc/sandbox/fkento/20_phone_numbers.cf
index 10c4cd8083..4228b0a603 100644
--- a/rulesrc/sandbox/fkento/20_phone_numbers.cf
+++ b/rulesrc/sandbox/fkento/20_phone_numbers.cf
@@ -6,7 +6,7 @@ body          __MXG_HAS_PHONE05  /\+1([\W_]*[0-9]){10}(?![\W_]*[0-9])/
 meta          __MXG_HAS_PHONE  __MXG_HAS_PHONE01 || __MXG_HAS_PHONE02 || __MXG_HAS_PHONE03 || __MXG_HAS_PHONE04 || __MXG_HAS_PHONE05
 describe      __MXG_HAS_PHONE  Has a phone number
 
-body          __MXG_PHONE_OBFU  /(?!(1\W*)?\d{3}\W+\d{3}[a-zA-Z0-9-_]+\d{4})\b([1I][^a-zA-Z0-9]*)?[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{3}[^a-zA-Z0-9]+[\dOIl]{4}\b/
+body          __MXG_PHONE_OBFU  /(?!(1\W{0,30})?\d{3}\W{1,30}\d{3}[^a-zA-Z0-9]{1,30}\d{4})\b([1I][^a-zA-Z0-9]{0,30})?[\dOIl]{3}[^a-zA-Z0-9]{1,30}[\dOIl]{3}[^a-zA-Z0-9]{1,30}[\dOIl]{4}\b/
 describe      __MXG_PHONE_OBFU  Has an obfuscated phone number
 
 meta          MXG_PHONE_OBFU_ONLY  __MXG_PHONE_OBFU && !__MXG_HAS_PHONE