Re: [exim] Cannot send mails to @hotmail.com addresses

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Mike Cardwell
Data:  
Para: exim users
Assunto: Re: [exim] Cannot send mails to @hotmail.com addresses
mavior wrote:

>> To further expand on this. It appears that this technique does not
>> "bypass" their filters, but gives the message a much higher likelyhood
>> of passing them only.
>>
> Like I said before, mails sent through Outlook express pass and don't
> need those overhead at all!
> So i have no time to test now but analyzing some outlook express sent
> header could give more information on this.Even though, like someone
> said above, add outlook signature and headers could be potential risk.


I don't have access to Outlook Express here "unfortunately". At a guess,
OE headers are a point scorer rather than a free pass though.

>> hotmail:
>>    driver      = dnslookup
>>    domains     = hotmail.com : hotmail.co.uk : hotmail.fr : hotmail.it : 
>> hotmail.de
>>    condition   = ${if or{\
>>                     {match{$h_References:}{\N^<BAY\d+-.+@phx\.gbl>$\N}}\
>>                     {match{$h_In-Reply-To:}{\N^<BAY\d+-.+@phx\.gbl>$\N}}\
>>                  }{false}{true}}
>>    transport   = remote_smtp
>>    headers_add = ${readfile{/etc/exim4/hotmail_fodder.txt}}
>>    ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>>    no_more

>>
>> The differences:
>>
>> 1.) There are more hotmail domains
>> 2.) It doesn't execute if there are hotmail References or In-Reply-To
>> headers as the mail will get through anyway
>> 3.) Instead of calling the perl exe to generate the headers, stick them
>> in a file and use readfile
>>
>> hotmail_fodder.txt contains the following:
>>
>> References: <BAY000-000000000000000000000000000@???>
>> In-Reply-To: <BAY000-000000000000000000000000000@???>
>>
>> Followed by about 500 lines of these headers:
>>
>> X-Hotmail-Fodder:
>> 0000000000000000000000000000000000000000000000000000000000000000000000000000000000
>>
>> Mike
>>
>>
> Two questions: the file should be filled with about 450/500 of this line
>
> X-Hotmail-Fodder:
> 0000000000000000000000000000000000000000000000000000000000000000000000000000000000 ??


To be honest. The figure I came up with was just me randomly testing on
about 20/30 emails, so is rather arbitrary. I couldn't tell you what a
safe number is without considerably more testing, and even then it could
change as hotmail adjust their filtering (if they do). I just said 500
because it felt like a good safe level to me and that's what I'm
personally using. The header content is irrelevant it seems, it's purely
down to the message size. >50KB seemed like a good level.

> And what is
> phx.gbl?
>
> thank you very much for this


I've no idea. I was simply replicating what a reply to an email sent
from hotmail looks like. Create a hotmail account and email yourself and
then take a look at the Message-ID. That's what I was spoofing.

Mike