Johan Almqvist wrote:
On 21. jan. 2010, at 16.57, Christian Herndler wrote:
I get a lot of spam where the sender uses a whole /24 Subnet as mail
relay, the helo uses the pattern
mx{last-octet-of-ip}.domainname.net
so it could be blocked using the check_spamhelo plugin, but to do that
this plugin would need a small change as it only works with hostnames.
I've had a similar problem at the MAIL FROM level (right-hand side VERP, you
could say) and fixed this with this plugin:
http://github.com/tyskjohan/qpsmtpd/blob/master/plugins/check_badmailfrom_patterns
Also consider using Enemies List on the HELO. It's very effective.