Quoting Ken Olum <kdo@???>:
> I'm thinking of trying to use Bjarni Einarsson's rbl-check system
> (http://bre.klaki.net/programs/spam/rbl-check.pl.txt) that checks for
> blacklisted sites in Received: headers. Since it's in perl, I thought
> I might be able to run it with the embedded perl facility.
>
> Has anyone tried this or done anything else in exim for dealing with
> forwarded spam? The regular blacklist facilities only work when the
> blacklisted site is the one contacting you directly.
>
If you're talking about checking all the headers, you're making a mistake.
Example:
1. Spammer A dials in and gets 1.2.3.4.dialup.xyz.net.
2. Spammer A send 100000 spams and get's the address blacklisted.
3. You dial in and get assigned 1.2.3.4.dialup.xyz.net.
4. You send your legitimate email via mail.xyz.net.
5. Legitimate mail bounced because 1.2.3.4.dialup.xyz.net is in the received
headers.
Only reasonable check is the host that's sending to YOU.
-Jeff