On Mon, May 06, 2002 at 08:34:54PM -0500, Jason L Tibbitts III wrote:
> >>>>> "MM" == Marc MERLIN <marc_news@???> writes:
>
> MM> If I may, you should not do this.
>
> This is a religious issue, and I have actively chosen to make use of
> these blocklists. I fully understand the implications. But I am only
> just converting from Sendmail, and after more analysis I may convert
> to merely warning on Spamcop hits. Osirusoft (and more precisely, SPEWS)
> stays, because I agree with SPEWS wholeheartedly (including the
> intentional collateral damage).
I think Osirusoft is good, it just depends which codes you filter on. It
returns from 127.0.0.1.to 127.0.0.6 IIRC, and some of those returns are
"better" than others for blocking purposes (from my experience with
spamassassin)
> MM> Again, running spamassassin instead would solve this problem.
>
> I was mostly unimpressed with spamassassin, but I intend to
> investigate it again in the future.
Well, even if you don't like it, you could rip most of its checks out, and
only use it to query multiple blacklists, and add up the numbers.
Then, you can block the mail only if the added number is big enough.
> MM> Doesn't !hosts = lsearch;/home/{local_part}/whitelist_hosts work?
>
> No dollar sign there? Perhaps that's what I was doing wrong. (And
No, I just forgot.
If that doesn't work, try condition, condition should do what you need.
For instance, I have:
deny hosts = !+localadds:!+host_disable_callback:*
#sender_domains = !+envdomain_disable_callback:*
!condition = $header_X-WhitelistedRCPT-nohdrfromcallback:
!condition = ${lookup{${domain:$header_from:}}lsearch{HDR_DOMAIN_DISABL
E_CALLBACK} {yes}{no}}
> MM> Once you hit system_filter, it's too late, you've accepted the
> MM> mail, so you then have to trust the return address if you want to
> MM> bounce the mail.
>
> That's what I was afraid of. Of course, that may be OK, because the
> ones who care about the bounces are the ones using real addresses.
> Spammers probably don't care at all.
If you use SMTP callbacks, you will greatly increase the odds that you can bounce a message that you are going to accept.
> I'll look into your spamassasin hooks. Thanks for the input.
Watch for an update announcement here, I have a small Content-Type: bug to
fix.
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page:
http://marc.merlins.org/ | Finger marc_f@??? for PGP key
