On Fri, Dec 01, 2006, Ted Cooper wrote:
>> I just came out with something like this:
>> deny !condition = ISAUTH
>> !senders = :
>> message = No "Received:" header found in message.
>> log_message = No "Received:" header found in message. RCPT: $recipients
>> condition = ${if ={$received_count}{1}}
>> As far as I know, MTAs are obligated to send "Received:" headers. This
>> seems to be catching spam not caught otherwise.
>> Just in case you were interested.
> Would this actually catch anything though? Even the most primitive
> spambots seem to make an attempt at making a fake Recieved: header. In
> the last week, not one of the messages sitting in my spam traps is
> missing a received header (obviously not including the one my server adds).
Sure. I enabled this check on Nov 29:
# grep -c 'header found in mess' ~exim/rejectlog.1
46
This is after DATA, which means that no other checks kicked in earlier.
My checks are very SMTP-session specific, while greylisting and SA are
opt-in and no one bothers to turn them on.
You're certainly overestimating the spammers. Check my "fascistic RCPT
TO validation" thread to see what they're really made of :-)
--
Unix stuff :: http://tehran.lain.pl
Yet Another RBL :: http://rbl.lain.pl
