[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vps-mail] How to block Spam with fake MessageID?

Subject: Re: [vps-mail] How to block Spam with fake MessageID?
From: Scott Wiersdorf <scott@xxxxxxxxxxxx>
Date: Tue, 9 Sep 2003 09:34:55 -0600

On Tue, Sep 09, 2003 at 09:07:00AM -0600, Scott Wiersdorf wrote:
> The only problem is, of course, that this won't catch forgeries (and
> you see that a lot), but here is the heuristic:
> 
>     Emails with message-id from my server should also have a domain
>     name in sendmail's w class (typically ~/etc/local-host-names is
>     complete).
> 
> With that, we could write something like this:
> 
>     :0:
>     * ^From:.*@\/[^>]+
>     * ! $ ? egrep -iqf "${MATCH}$" /etc/mail/local-host-names
>     faked-message-id

Silly me! We don't do any message-id checking, of course. Let's try
this instead:

    :0:
    * ^Message-ID: .*@\/[^>]+
    * ! $ ? egrep -iqf "${MATCH}$" /etc/mail/local-host-names
    faked-message-id

Scott
-- 
Scott Wiersdorf
scott@xxxxxxxxxxxx
======================================================================
Technical questions regarding this list may be sent to
<vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
response by sending an email with the word 'help' (w/o quotes) in the
BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
======================================================================

References:
- Re: [vps-mail] How to block Spam with fake MessageID?
  - From: Scott Wiersdorf
- RE: [vps-mail] How to block Spam with fake MessageID?
  - From: Martin Fischer
- Re: [vps-mail] How to block Spam with fake MessageID?
  - From: Scott Wiersdorf

Prev by Date: Re: [vps-mail] How to block Spam with fake MessageID?
Next by Date: [vps-mail] mailheader with X-transfer-????
Previous by thread: Re: [vps-mail] How to block Spam with fake MessageID?
Next by thread: [vps-mail] administrativa -- list etiquette
Index(es):
- Date
- Thread

Main Index | Thread Index