Re: [Exim] variation on dns blacklists

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMDon Walker at <-
MMDr Andrew C Aitchison at ->
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [Exim] variation on dns blacklists
On Mon, 22 Dec 2003, Don Walker wrote:

> My Exim 4.20 receives mail for a user whose mail is forwarded from another
> service with a constant ip address (1st 3 octets), thereby negating my
> normal dns blacklist spam blocking measures. However, the ip address which
> sent the message to the forwarding service is within the headers. I'm
> wondering if/how I can extract that ip address and use it to check against
> dns blacklists.

Look for the subject ".forward files and spam leaks" in the list
archive. Should get you started.

The recipes mentioned there are only useful if you can clearly
identify (i.e in the Received: headers) a few mailers which are
delivering spam in this way. I suspect it would need major ingenuity
to extend it to a wide range of senders. But you said you have a
specific one in mind; in our case, there's a handful of forwarding
sites that are of particular relevance (although each of them seems to
have several different routes for spam, and we need to identify each
of them in order to make the spell really effective).


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] variation on dns blacklistsRe: [Exim] exim SSL without TLS possible?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)