Blocking empty To with rules

Mike Williams mike at TECHINTER.COM
Fri Feb 14 18:05:36 GMT 2003


Thanks for the info I was missing the needmailhelo.  Is it possible that
this will prevent blank from: also?

Mike

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
Behalf Of Matt Kettler
Sent: Friday, February 14, 2003 11:04 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Blocking empty To with rules


Some general Suggestions (I'm assuming sendmail):

Edit your sendmail.mc:

define(`confPRIVACY_FLAGS',
`needmailhelo,authwarnings,novrfy,noexpn,restrictqrun')dnl

Most important here is "needmailhelo".. this gets rid of tools that are too
stupid to issue a HELO/EHLO, which no valid mailserver does.

Most email showing up with no HELO issued is wildly mis-formatted spam, so
that just prevents that problem right off. I've never seen a real email
server fail to HELO when told it must do so.


Also, if you're running SpamAssassin with mailscanner, the rule for this is
MISSING_HEADERS.. jack up the score for it and watch em get spam-tags, or
if you jack it up high enough, high-scoring spam actions, every time.

It should be noted however that according to the STATISTICS.txt with
spamassassin 2.43, some reasonable percentage of the SA nonspam corpus has
a missing To: header (0.64% of the nonspam corpus matched).



At 10:06 AM 2/14/2003 -0600, Mike Williams wrote:
>Is it possible to block a spam message where the To is empty?  We are
>getting a ton of spam from AOL and in the sendmail logfile the To is blank.
>I wouldn't mind shutting AOL down from having access to our server but I'm
>sure our customers would complain :)
>
>Mike



More information about the MailScanner mailing list