Regex question
Alex Neuman van der Hans
alex at nkpanama.com
Tue Jun 28 22:45:05 IST 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Craig Daters wrote:
>
> On Jun 28, 2005, at 7:38 AM, Rick Cooper wrote:
> <--snipped for cleanliness sake-->
>
> >>messages is not a problem. I have been feeding all of these to the
> >>Baysian database to bring their scores up to an acceptable level, and
> >>I
> >>will certainly add a rule as well for SpamAssassin. I would prefer to
> >>stop these at the MTA level entirely and save to CPU power this would
> >>otherwise generate, but this is a start.
> >>
> >>Thank you everyone for your help and input.
> >>
> >MTA is where all of my RBL checking takes place. You don't say what
> >the MTA
> >is but I would think about any can accommodate RBL checks these days. I
> >personally believe in doing as many checks at SMTP time is best. Basic
> >checks I do are:
>
>
> >Helo checks : helo with my hostname, ip literal or a host name from my
> >domain - drop and firewall
> > helo with bare IP - drop
> > helo without a FQDN - drop
>
> >Rcpt to checks: Invalid user drop (of course)
> > non-authenticated local user outside the network - drop
> > fails sender callout verification - drop
> > in one of several RBLs (although I don't check DUL) - drop
>
> >Data checks: basic bad mime type (.com|.exe|.pif|.bat) - drop
> > Virus - drop and firewall (exim/exiscan BD, ClamAV,
> >f-prot)
> > Spam score above 15 - drop
> > SPF fails - drop
>
> >There are, of course, more dealing with relaying and so forth but for
> >the
> >most part I have relatively few things that we definatly do not want,
> >pass
> >through to MS to deal with, and I haven't generated a bounce in so
> >long I
> >couldn't tell you the last time. Drop the stuff you *know* shouldn't
> >arrive
> >and let MS handle filename, type, archives, bad content, the marginal
> >spam,
> >etc.
>
>
> I am using Sendmail 8.13.1-2 (RHEL RPM) for my MTA. I like what you are
> saying here. I don't know how difficult these will be to implement. I
> have enabled Sendmail's option to not accept mail from non-FQDN
> sources, And I have blacklisted a couple of countries that have sent us
> spam in the past that I know we would never receive legitimate email
> from, but that is all.
>
> ---
> Craig Daters (craig at westpress.com)
> Systems Administrator
>
> West Press
> 1663 West Grant Road
> Tucson, Arizona 85745
>
> (520) 624-4939 x208
> (520) 624-2715 fax
> www.westpress.com
>
How do you block mail from non-fqdn sources, exactly? Any url's to a
page showing examples? Thanks...
--
Please note: It is the policy of West Press that all e-mail
sent to and from any @westpress.com address may be recorded
and monitored. Unless it is West Press related business,
please do not send any material of a private, personal,
or confidential nature to this or any @westpress.com
e-mail address.
This message has been scanned for UCE (spam), viruses,
and dangerous content, and is believed to be clean
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list