[ On Mon, February 16, 1998 at 23:01:32 (+0000), Alan Thew wrote: ]
> Subject: [EXIM] Problems with spam direct from PoPs
>
> As others may have seen, the "new generation" of spam software does direct
> injection to our/your MTA, no smarthost/3rd part relay etc.
>
> In some cases, the best thing is to just block IP address ranges etc.
> However all attacks seen here so far have blank To: and From: fields. I'm
> still running 1.73 and wondered what the easiest way to trap this.
What's the envelope look like? 99.99% of the similar spam I've seen of
this nature has "invalid" SMTP envelope fields (invalid and non-matching
HELO, invalid MAIL FROM domain, and of course often even invalid RCPT TO
users).
--
Greg A. Woods
+1 416 443-1734 VE3TCP <gwoods@???> <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>
--
*** Exim information can be found at
http://www.exim.org/ ***
