[Exim] Handling Forgeries of {yahoo|hotmal|aol}.com headers …

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Delete this message
Reply to this message
Author: ODHIAMBO Washington
Date:  
To: Exim users list
Subject: [Exim] Handling Forgeries of {yahoo|hotmal|aol}.com headers - spam control
Hello All,

I have a few questions on the above.

Once upon a time Dave C posted some ACL statements that he was using to "try"
and stop forgeries of the $subject addresses.

http://www.exim.org/mailman/htdig/exim-users/Week-of-Mon-20020610/039790.html

It would appear that some of those ACLs have been overtaken by events when
it comes to ASMTP. I doubt whether hotmail does asmtp, but who know? They
may as well..


One of those acls was:

# All yahoo.com mail will have either
# "...yahoo.com via HTTP "
# *OR*
# "...yahoo.com with NNFMP" 

deny    sender_domains  = yahoo.com
        message         = X-Forgery: NOT YAHOO SERVER
        condition       = ${if match {$h_Received:}{yahoo.com.via.HTTP}{no}{yes}}
        condition       = ${if match {$h_Received:}{yahoo.com.with.NNFMP}{no}{yes}}



I have used that and it seemed to work fine until a few days ago when suddenly
a client complained. The complaint is below. Real Address details are masked out
from spammers eyes.

It seems that yahoo is allowing ASMTP connections. In order not to allow stupid
open relaying, how would I write a condition to match the $h_Received: show below??


-----Original Message-----
From: MAILER-DAEMON@??? [mailto:MAILER-DAEMON@yahoo.com]
Sent: Wednesday, May 07, 2003 5:20 PM
To: janedoe@???
Subject: failure delivery

Message from yahoo.com.
Unable to deliver message to the following address(es).

<foobar@???>:
62.8.64.4 failed after I sent the message.
Remote host said: 550 X-Forgery: NOT YAHOO SERVER

--- Original message follows. 

Return-Path: <janedoe@???>
Received: from uu-195-202-74-27.uunet.co.ke (HELO computer)
(janedoe@195.202.74.27 with login)
  by smtp.mail.vip.sc5.yahoo.com with SMTP; 7 May 2003 14:19:23 -0000
Reply-To: <janedoe@???>
From: "Jane Doe" <janedoe@???>
To: <foobar@???>
Subject: test
Date: Wed, 7 May 2003 17:19:01 +0300
Message-ID: <MABBKABBAOMLHHGBJDPGEEGGCIAA.lsmoll@???>
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="----=_NextPart_000_0000_01C314BC.C0BB1880"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
...


</cut>


Danke/Merci/Thank you


-Wash 

--
Odhiambo Washington   <wash@???>  "The box said 'Requires
Wananchi Online Ltd.  www.wananchi.com      Windows 95, NT, or better,'
Tel: +254 2 313985-9  +254 2 313922         so I installed FreeBSD."
GSM: +254 72 743223   +254 733 744121       This sig is McQ!  :-)



Good leaders being scarce, following yourself is allowed.


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] STARTTLS command used when not advertised[Exim] Re Exim in the news->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)