Blocking empty To with rules

Matt Kettler mkettler at EVI-INC.COM
Fri Feb 14 17:03:42 GMT 2003

Some general Suggestions (I'm assuming sendmail):

Edit your


Most important here is "needmailhelo".. this gets rid of tools that are too
stupid to issue a HELO/EHLO, which no valid mailserver does.

Most email showing up with no HELO issued is wildly mis-formatted spam, so
that just prevents that problem right off. I've never seen a real email
server fail to HELO when told it must do so.

Also, if you're running SpamAssassin with mailscanner, the rule for this is
MISSING_HEADERS.. jack up the score for it and watch em get spam-tags, or
if you jack it up high enough, high-scoring spam actions, every time.

It should be noted however that according to the STATISTICS.txt with
spamassassin 2.43, some reasonable percentage of the SA nonspam corpus has
a missing To: header (0.64% of the nonspam corpus matched).

At 10:06 AM 2/14/2003 -0600, Mike Williams wrote:
>Is it possible to block a spam message where the To is empty?  We are
>getting a ton of spam from AOL and in the sendmail logfile the To is blank.
>I wouldn't mind shutting AOL down from having access to our server but I'm
>sure our customers would complain :)

More information about the MailScanner mailing list