On 1/31/2014 9:24 AM, Rainer Fügenstein wrote:
mails delivered via sendmail SMTP AUTH contain a Received: header like this:
Received: from [192.168.5.238] (xyz.example.com [90.217.201.80])
(authenticated bits=0)
by myserver.mydomain.at (8.13.8/8.13.8) with ESMTP id s0VE3Iwj027715
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <[email protected]>; Fri, 31 Jan 2014 15:03:19 +0100
could anyone here help with a rule that matches this header, please? I
tried for quite some time now but can't get it done :-(
important parts to match are "(authenticated bits=\d+)" and
"myserver.mydomain.at"
On 31.01.14 09:41, Bowie Bailey wrote:
header MY_AUTH ALL =~ /\(authenticated
bits=\d+\)\s+by\s+myserver.mydomain.at/
Note that this is a spoofable rule. Anyone can add a fake header to
their message containing this string and it will match.
(rule is off the top of my head and untested)
I think this is what X-Spam-Relays-Trusted pseuo-header is for...
It just has different form and the auth info should be already there
parsed...
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"One World. One Web. One Program." - Microsoft promotional advertisement
"Ein Volk, ein Reich, ein Fuhrer!" - Adolf Hitler
