I recently came across the specification for valid AOL addresses. It's simple, and easy to put into a regexp. It's only blocked 8 messages in the last few hours since I went from logging to rejecting, but that's 8 messages that didn't need to be scanned for viruses or spam.
In case anyone else might find it useful, here's an abbreviated version of my filter_sender: sub filter_sender ($$$$) { my ($sender, $ip, $name, $helo) = @_; $sender =~ s/.*\<//; $sender =~ s/\>.*//; $sender = lc($sender); # Check for bogus AOL addresses as described at # http://postmaster.aol.com/faq/mailerfaq.html#syntax # - all alphanumeric, starting with a letter, from 3 to 16 characters long. if ($sender =~ /[EMAIL PROTECTED]/i && $sender ne '[EMAIL PROTECTED]' && $sender !~ /^[a-z][a-z0-9]{2,[EMAIL PROTECTED]/i) { return ('REJECT', 'Forged AOL address detected.'); #md_syslog 'info', "$QueueID: Forged AOL address detected."; } return ('CONTINUE', 'ok'); } -- Kelson Vibber SpeedGate Communications, <www.speed.net> _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang