Re: [exim] an ACL snippet

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Stanislaw Halik
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: Re: [exim] an ACL snippet
On Fri, Dec 01, 2006, Ted Cooper wrote:
>> I just came out with something like this:


>> deny !condition  = ISAUTH
>> !senders    = :
>> message     = No "Received:" header found in message.
>> log_message = No "Received:" header found in message. RCPT: $recipients
>> condition   = ${if ={$received_count}{1}}


>> As far as I know, MTAs are obligated to send "Received:" headers. This
>> seems to be catching spam not caught otherwise.


>> Just in case you were interested.


> Would this actually catch anything though? Even the most primitive
> spambots seem to make an attempt at making a fake Recieved: header. In
> the last week, not one of the messages sitting in my spam traps is
> missing a received header (obviously not including the one my server adds).


Sure. I enabled this check on Nov 29:

# grep -c 'header found in mess' ~exim/rejectlog.1    
46


This is after DATA, which means that no other checks kicked in earlier.
My checks are very SMTP-session specific, while greylisting and SA are
opt-in and no one bothers to turn them on.

You're certainly overestimating the spammers. Check my "fascistic RCPT
TO validation" thread to see what they're really made of :-)

-- 
Unix stuff      :: http://tehran.lain.pl
Yet Another RBL :: http://rbl.lain.pl