On Tue, 2008-11-11 at 10:56 -0500, Dean Brooks wrote:
> On Tue, Nov 11, 2008 at 12:08:24AM +0100, Kjetil Torgrim Homme wrote:
> > deny message = Faked hotmail, so you must be spam.
> > log_message = Fake hotmail
> > senders = *@hotmail.com
> > condition = ${if match {$sender_host_name} \
> > {\Nhotmail.com$\N}{no}{yes}}
> >
> > the test checks the envelope sender, not the headers of the e-mail. you
> > won't get false positives from mailing lists, forwarded e-mail or eBay
> > with that rule.
>
> That rule will absolutely break forwarded email from hotmail users
> unless you take measures in earlier ACLs to skip the check.
>
> Checking the envelope sender doesn't make this rule any more
> resilient. Email that is bounced or relayed forward to a new
> recipient will still have an envelope sender from hotmail.com.
oh sorry, I was thinking of mail forwarded by a MUA. Hotmail advertises
SPF [*], so they don't want forwarding at the MTA level to work
anyway ;-)
*) with "~all", not "-all", but still.
--
regards,
Kjetil T.
