* Suresh Ramasubramanian <linux@???> [20040218 13:02]: wrote:
> <quote who="Odhiambo G. Washington">
> > We receive a lot of spam with forged sender addresses bearing domain
> > names hosted by Outblaze. I have spoken to the man in the driver's
> > seat at hotblaze (Hi Suresh) and he's given me some valuable advise.
>
> They are not just a problem at your end. And god knows, I've posted these
> filters several times in the past.
>
> 1. If you see ".mr.outblaze.com" in any Received: header --> forged spam.
>
> 2. If you see HELO mail.com, HELO email.com etc --> forged spam
Could you kindly let me know what you see could be amiss with these two
rules, because some spammers manage to bypass them...
deny message = We do not accept helos from mail.com or email.com
condition = ${if match{$sender_helo_name}{\N^e?mail\\.com\N}{yes}{no}}
deny message = HELO of outblaze.com not from an outblaze address
!hosts = 205.158.62.0/24 : 202.86.166.0/24: 210.177.227.128/28 : 203.86.162.161/28
condition = ${if eq{$sender_helo_name}{outblaze.com}{yes}{no}}
cheers
- wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) |
<wash at wananchi dot com> . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
--from a /. post
