On 8 Jan 2006, at 20:51, Giuliano Gavazzi wrote:
>
> do you do sender callout? If yes then you have found the answer.
> There's no point in doing sender callout and then block the callout
> because you do not like it... or better, there is a point, and that
> is to hit your foot with the spade, as we say here...
> Naturally, if you whitelist empty senders at RCPT you must block
> spammy ones at DATA (or perhaps predata?).
sorry, I express myself with an improper analogy. (it should have
been: don't do to others...)
Leaving analogies alone, let me give you an example. I do do callouts
and for consistency:
# the remote callout/bounce messages accept rule (but only if for
existing local user)
accept domains = +local_domains
senders = :
endpass
message = unknown user
verify = recipient
if they proceed to the data phase (so it is not a callout) I apply
mercilessly my antispam rules.
g
