I would like to write an ACL rule in my acl_smtp_mail that essentially would
compare the sender to the recipient and if they match where the control is
submission, deny it.
Sender = james@???
Recipient = james@???
Its an outgoing relay from an untrusted IP
I want to deny it.
What I seem to see a lot of here and there is spam being sent as myself to
myself from the outside. SA catches much of it, but occasionally it does
not. Another thought would be maybe have a rule in my data acl where the
message size is below 100k, exceeds a scored threshold of 5.0 from SA and
the localpart@domain is the same for the sender/recipient.
I haven't been successful writing a rule in either case.
Maybe something like this for an SA rule where sender and domain match:
deny message = SPAM: scored $spam_score where sender/recipient match
spam = nobody:true
condition = ${if <{$message_size}{100k}{1}{0}}
condition = ${if >{$spam_score_int}{50}{1}{0}}
condition = $(if eq{$sender}{$recipient}}
Of course the syntax for the 3rd condition is wrong. Any hints on that
part?
Thanks,
James
James R. Price
Digital Chicago Networks, Inc.
3636 S. Iron St., Chicago, IL 60609
Tel/Fax/Cell: 800-603-0769
Web:
www.digitalchicago.net
Email: james@???
