I've been getting a bunch of spam from zombied hosts in the 222.x.x.x range.
Much of it get blocked by spamhaus and other lists, but there's been enough
left that it's noticeable. Whois says that this netblock is assigned to
"Air Force Logistics Command". The senders of the spam vary, but none of
them are domains that have spf.
Does anybody see any downside to doing something like:
sub filter_sender($$$$) {
my ($sender, $ip, $hostname, $helo) = @_;
if ( ($ip =~ /^222\./) && ($sender !~ /af\.mil\>?/i) ) {
return ('REJECT', 'Not USAF address');
}
return ('CONTINUE', 'OK');
}
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
