On 06/18/2014 07:34 AM, spamassas...@lcwsoft.com wrote:
On 17.06.2014 17:25, Axb wrote:
On 06/17/2014 09:13 PM, Axb wrote:
On 06/17/2014 08:40 PM, spamassas...@lcwsoft.com wrote:
On 17.06.2014 14:09, RW wrote:
On Mon, 16 Jun 2014 17:03:31 -0230
spamassas...@lcwsoft.com wrote:
> originating_ip_headers X-WebmailclientIP
Actually, that might meet my needs in a better way, as I could add a
custom header and then set that.
I don't think that's a good idea, originating IP addresses may
legitimately be dynamic, so blocklists that tend to FP on dynamic
addresses aren't applied. This is where having an interface for adding
extra IP addresses to be checked would be useful.
In our case, I would only be using it for when the e-mail contains an
X-PHP-Script header and is outgoing from our server, to prevent
outgoing
spam from PHP script, as we have some clients with forms being abused
currently and cannot possibly police all their forms.
Can you show us a sample of such a header?
I'm trying to understand what adds that header if, as you say, have
no control over the abused form code?
PHP with the MailHeaders patch: https://choon.net/php-mail-header.php
It puts a header with the script name and IP address, which I want to
check against one or more RBLs to see if it is listed as a spammer. We
run SpamAssassin on our outbound mail to help filter any possible
outgoing spam, so such a rule could be used to help prevent outgoing
spam from abused PHP forms on our server as a temporary resolution until
the clients can fix their forms.
From what I understand, you want to do a type A lookup with the URIBL
plugin against that header and hope some BL has it listed which is
highly unlikely because most BLs list spam exit point IPs.
XBL and some SBL listings could possibly detect some of this but I
wouldn't hold my breath unless you have such a massive problem that you
make a global difference.
At this point I'm not convinced this will mitigte your problem.
Hmmm.....as you're not the first person in the world with this problem I
wonder what other approaches could be more efficient....
