Odhiambo Washington wrote:
> I am having some difficulty blocking some spam, the headers are below:
>
> <begin>
>
> Return-path: <mailman-bounces@???>
> Received: from localhost ([127.0.0.1] helo=gw.kictanet.or.ke)
> by gw.kictanet.or.ke with esmtp (Exim 4.69 (FreeBSD))
> (envelope-from <mailman-bounces@???>)
> id 1Mkydf-000H38-Id
> for alice@???; Tue, 08 Sep 2009 14:13:31 +0300
> Received: from mail.wananchi.com ([62.8.88.102])
> by gw.kictanet.or.ke with esmtp (Exim 4.69 (FreeBSD))
> (envelope-from <kictanet-owner@???>) id 1Mkydd-000H30-VD
> for kictanet-owner@???; Tue, 08 Sep 2009 14:13:29
> +0300
> Received: from 200-103-109-244.gnace701.dsl.brasiltelecom.net.br
> ([200.103.109.244])
> by mail.wananchi.com with esmtp (Exim 4.67 (FreeBSD))
> (envelope-from <kictanet-owner@???>) id 1MkyVC-000HdM-K3
> for kictanet-owner@???; Tue, 08 Sep 2009 14:04:48 +0300
> From: "Stegman Karey" <kictanet-owner@???>
> To: kictanet-owner@???
> Subject: I have plans for you
> Content-Type: text/html; charset="ISO-8859-1"
> MIME-Version: 1.0
> Message-Id: <
> HPROWLC19598.F346F6B@???>
> Sender: mailman-bounces@???
> Errors-To: mailman-bounces@???
>
> </end>
>
> The e-mail should not be having the *-owner@??? if the
> sending host is NOT 127.0.0.1 or 62.8.64.102.
> I am trying the following unsuccessfully in acl_smtp_rcpt:
>
> # Spammers forging our domain in their from: address
> deny message = Forged Sender: $sender_address
> !hosts = : localhost : 62.8.64.102
> condition = ${if match{${lc:$h_from:}}{{lists.kictanet.or.ke}}
I'd try the following,
condition = ${if match{${lc:$h_from:}}{\Nlists.kictanet.or.ke\N}}
HTH
cya
Andrew
> log_message = HEADER_FROM: $h_from noticed in $sender_address
> from $sender_host_address.
>
> What is it that I am missing as I don't seem to catch any of this spam? I
> think my condition is botched:-)
>
>
--
Awdcomp computing services.
Mobile: 0433 263 470
Web: www.awdcomp.net
Email: awd@???
