Could MailScanner be trained to use DNS black lists for the
X-Originating-IP: field check?
Matt Kettler
mkettler at EVI-INC.COM
Thu Sep 2 22:19:50 IST 2004
<x-flowed>
At 12:30 PM 9/2/2004, Kai Wang wrote:
>Sending spam through systems like yahoo or hotmail is quite common.
>Currently, we check the IP of the machine
>that mail is coming from against the DNS based lists. There are many
>cases in which the earlier X-Originating-IP:
>and Received: fields should be checked. In the following case
>209.89.159.117 is on the RBL+ list. We need to
>consider checking Received:, X-Originating-IP:, etc. against; the DNS lists.
I'm not sure if you're using SpamAssassin with MailScanner, but if you are,
SA 2.60 and higher already does this in check_rbl_backend of EvalTests.pm.
SA can query the RBL+ list, you just need to set a score for it if you're a
paid user (It's off by default because it's a for-pay service).
try something like this in /etc/mail/spamassassin/local.cf
score RCVD_IN_MAPS_RBL 2.0
score RCVD_IN_MAPS_DUL 2.0
score RCVD_IN_MAPS_RSS 2.0
score RCVD_IN_MAPS_NML 2.0
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>
More information about the MailScanner
mailing list