Re: [Exim] Spam due to forgeries out domains hosted by outbl…

Top Page
Delete this message
Reply to this message
Author: Kevin Reed
Date:  
To: exim-users
Subject: Re: [Exim] Spam due to forgeries out domains hosted by outblaze
Suresh Ramasubramanian said:
> <quote who="Odhiambo G. Washington">
>> We receive a lot of spam with forged sender addresses bearing domain
>> names hosted by Outblaze. I have spoken to the man in the driver's
>> seat at hotblaze (Hi Suresh) and he's given me some valuable advise.
>
> They are not just a problem at your end. And god knows, I've posted
> these filters several times in the past.
>
> 1. If you see ".mr.outblaze.com" in any Rec eived: header -> forged spam.
>
> 2. If you see HELO mail.com, HELO email.com etc --> forged spam


Hmmm... I knew about the mail.com... but I was not 100% sure about
the Received headers on the other until now...

I've been using this for a while, Now I will up the score:

 header MR_OUTBLAZE             Rece ived =~ /mr\.outblaze\.com/
 describe MR_OUTBLAZE           Rece ived Header has mr.outblaze.com
 score  MR_OUTBLAZE             5.0


No space in the second section of the first two lines.

--
Kevin W. Reed - TNET Services, Inc.
Unoffical Exim MTA Info Forums - http://exim.got-there.com/forums