I am having some difficulty blocking some spam, the headers are below:
<begin>
Return-path: <mailman-bounces@???>
Received: from localhost ([127.0.0.1] helo=gw.kictanet.or.ke)
by gw.kictanet.or.ke with esmtp (Exim 4.69 (FreeBSD))
(envelope-from <mailman-bounces@???>)
id 1Mkydf-000H38-Id
for alice@???; Tue, 08 Sep 2009 14:13:31 +0300
Received: from mail.wananchi.com ([62.8.88.102])
by gw.kictanet.or.ke with esmtp (Exim 4.69 (FreeBSD))
(envelope-from <kictanet-owner@???>) id 1Mkydd-000H30-VD
for kictanet-owner@???; Tue, 08 Sep 2009 14:13:29
+0300
Received: from 200-103-109-244.gnace701.dsl.brasiltelecom.net.br
([200.103.109.244])
by mail.wananchi.com with esmtp (Exim 4.67 (FreeBSD))
(envelope-from <kictanet-owner@???>) id 1MkyVC-000HdM-K3
for kictanet-owner@???; Tue, 08 Sep 2009 14:04:48 +0300
From: "Stegman Karey" <kictanet-owner@???>
To: kictanet-owner@???
Subject: I have plans for you
Content-Type: text/html; charset="ISO-8859-1"
MIME-Version: 1.0
Message-Id: <
HPROWLC19598.F346F6B@???>
Sender: mailman-bounces@???
Errors-To: mailman-bounces@???
</end>
The e-mail should not be having the *-owner@??? if the
sending host is NOT 127.0.0.1 or 62.8.64.102.
I am trying the following unsuccessfully in acl_smtp_rcpt:
# Spammers forging our domain in their from: address
deny message = Forged Sender: $sender_address
!hosts = : localhost : 62.8.64.102
condition = ${if match{${lc:$h_from:}}{{
lists.kictanet.or.ke}}
log_message = HEADER_FROM: $h_from noticed in $sender_address
from $sender_host_address.
What is it that I am missing as I don't seem to catch any of this spam? I
think my condition is botched:-)
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
"If you have nothing good to say about someone, just shut up!."
-- Lucky Dube