John R. Levine wrote:
>>What you want is:
>>/var/qmail/control/badmailheaderto
>>which really doesn't buy you anything.
> What I would like, and I believe what he's asking for, is
> /var/qmail/control/badmailto which would list specific addresses in
> otherwise acceptable domains to which all mail should bounce
> instantly. They'd match against the "MAIL TO:<whoever>" command, not
> anything in the body.
> I have a fist full of 100% spam-only addresses in my domains that were
> scraped ages ago, never were valid, and get spammed every day. I
> currently receive the spam and complain back to the IP sender, but it
> would be easier to bounce them directly.
What you and others have failed to realise in this thread is that although
you may be receiving spams with the header "To: [EMAIL PROTECTED]" you
*will not* be receiving the email into your system with a
RCPT TO: <[EMAIL PROTECTED]>
Others have pointed out the two differing and *unrelated* matching against
rcpt smtp envelope addressing and the To: Headers.
So, Either you match against the smtp envelope address (currently available
by default because qmail controls where your local users mail is delivered
to), or as suggested above you need a control/badmailheaderto type file.
So, to conclude, just so there is no misunderstanding. You can't reject mail
before accepting it just because it has a To: header commonly used by spammers.
[Obviously, because to see the header you must have accepted the email].
And to give you a solution, if you really need one, is to have qmail pipe the
email to a Maildir enabled procmail which can easily see common spammer
headers.
http://www.tibus.net/pgregg/projects/qmail/spamfilter/
Paul Gregg
--
Email pgregg at tibus.net | Email pgregg at nyx.net | Eight out of every
Technical Director | System Administrator | five people are math
The Internet Business Ltd | Nyx Public Access Internet | illiterates.
http://www.tibus.net | http://www.nyx.net | - Anon.
