Am 11.02.2010 22:37, schrieb Spiro Harvey: > We're getting a boatload of To and From addresses starting with pipe > characters on one of our clients' mailservers. The messages themselves > don't appear particularly malicious -- the ones we've seen are just > pill spam -- but there are craploads of them. > > I was thinking about configuring an SA rule to just bump the scores up > a few points (most of those that are getting thru seem to be scoring > about 8 or 9), so adding a few points will push them into reject > territory. > > Oh, and the client has historically allowed catch-all mail domains > hence why so many of these are being delivered. We've managed to get > them to not allow catch-alls now, but they still have 20-odd-thousand > historical domains that haven't had the catch-alls removed yet.. > > So I'm just wondering if others encounter this with enough regularity, > and if so what your thoughts and advice are. I don't particularly want > to add rules into sendmail, so SA is my avenue of choice. > > Cheers >
I also had a lot of load for this kind of mail until I added a header_checks rule Ralph