One thing this lets through is messages which have NO Message-ID:
header, since exim adds a proper one if it is missing completely.
Wishlist for Exim4: The ability to specify where messages with a
completely missing Message-ID are accepted from (a desirable setting
would be "any hosts in host_accept_relay, or any host that has
succesfully authenticated" - to allow ones one users/customers that may
have broken MUA's through, but outside hosts delivering mail for you
must have a proper message id..)
Actually, this probably wont be of much use for long, since the spammers
would just start putting in valid message IDs.. sigh..
In fact, once ANY anti-spam practice becomes commonplace, spammers find
a way around it..
(OT) By the way, anyone running formmail? Check your logs on that
machine. Formmail has a wide-open security hole and it is now becoming
common for spammers to use your formmail to relay their spam.. Matts
script archive actually has an update - it involves maintaining a list
of authorized formmail recpients..
On Mon, 20 Aug 2001, Marc MERLIN wrote:
> On Mon, Aug 20, 2001 at 09:30:17AM -0700, Jeremy C. Reed wrote:
> > Sometimes I receive spam with no Message-Id or it is set to <>.
> >
> > Does anyone have any advice on whether I should block mail with
> > missing Message-Id or set to "<>"? (Does anyone have success with this?)
>
> Yes, I do.
>
> >From my system_filter:
>
> if $header_message-id matches "<[^>]+@>"
> then
> logfile /var/log/exim/nullmesgidbouncedemail.log 0600
> logwrite "$tod_log $message_id envelope: $sender_address, From: $h_from ($sender_host_name[$sender_host_address]) => $recipients (recipients=$recipients_count) subject=$header_subject\n$message_headers"
>
> # Let's not bounce errors or mails back to us :-)
> if not error_message
> then
> fail text "Sorry, but your message-ID is broken, apparently because your\n\
> hostname isn't set right\n\
> You need to fix this before you can send us mail.\n"
> endif
>
> save /var/spool/exim/rejects/nullmesgidbouncedemail 0644
> seen finish
> endif
>
--
