Torsten Luettgert <t.luettgert@???> (Di 21 Apr 2009 18:29:05 CEST):
> Hello all,
>
> we've been using sender verification callouts for a while now,
> and it still kills a lot of spam.
>
> But alas, in these modern times, there are honeypot addresses
> which sometimes appear as sender addresses in spam and cause our
> box to be blacklisted because it tries to verify the address.
> This is mainly uceprotect. I won't comment on them here.
>
> Ok, now here's the question after all this build-up: can I skip
> sender verification for certain IP addresses? I can of course
> filter by the IP of the sending host, but that's not what I want -
> I want to skip the verify if the target is one of those honeypot
> addresses.
It depends on your ACL configuration. Always you can emply the
$sender_host_address variable. Or you can use the 'hosts = ..' ACL item.
# "sub"-ACL
acl_sender_verify:
accept hosts = <LIST OF SENDER IPs YOU WANT TO SKIP>
accept verify = sender/callout
deny message = sender verification failed
# the "normal" RCPT-ACL
acl_check_rcpt:
...
require acl = acl_sender_verify
I'm sure there is a more elegant solution, but this is, what just now
comes into my mind.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -