Peter Lindberg wrote:
> I'm getting more and more spam from webmail sites like hotmail, and i
> was wondering if it was possible to write an acl to check the
> X-originating-IP header against blacklists. i thought it would be a
> simple task, but i've failed. perhaps somebody could clue me in :-)
In your DATA acl *only* ...
deny condition = ${if
match{$h_X-Originating-IP:}{\N^\d{1,3}(\.\d{1,3}){3}$\N}}
dnslists = sbl-xbl.spamhaus.org/$h_X-Originating-IP: \
: bl.spamcop.net/$h_X-Originating-IP:
message = $h_X-Originating-IP: is listed on $dnslist_domain \n\
$dnslist_text
That would do lookups against both sbl-xbl.spamhaus.org and bl.spamcop.net
It assumes the you have headers like:
X-Originating-IP: 192.168.0.1
And not anything like for example:
X-Originating-IP: [192.168.0.1]
If that's not the case, please provide more info and we can build
something to parse out the contents of the X-Originating-IP header.
Mike
