Rejecting Spammers

John Rowan rowan at rownetco.com
Thu Jul 20 16:29:43 IST 2006 

I've posted similar inquiries to sendmail's news group without receiving 
a successful resolution.  I have had feedback there but it wasn't 
something that could be implemented without impacting potential customers.

I, like most everyone else receiving email, receive trash where the 
Received from: only indicates a number.  Sometimes the number is 
negative.  I don't know the significance of the number, perhaps it is 
the ad campaign or the spammer's customer number.  I have been using 
procmail recipes to send their crap to /dev/null.  The procmail recipe 
is getting quite long.   In a very large majority of the junk I have 
noticed that the X-Mailer is The Bat! (see last line below).  Today I 
added a new section to the recipe that looks to see if the X-Mailer line 
is The Bat! and will be /dev/nulling that crap as well.  This is all 
well and good but it takes (ever increasing) cpu cycles to process each 
message (as the recipe gets longer and longer).  I also use sendmail's 
access.db to reject domain names and IP netblocks which is more 
efficient as it turns these morons away at the door with an "in your 
face" message informing them of the rejection.  Granted these jerks 
aren't going to care about one rejected message.  I take some 
satisfaction though when I see that 7000 plus junk emails have been 
rejected by the access database or by the real time black hole listing 
services that are also part of my sendmail configuration.

Long story short, does anyone here know of additional methods of turning 
these morons away upon connection rather than accepting their junk then 
having to have procmail examine / trash them?
 

Two recipes from my .procmailrc file:

:0
* ^Received: from 149051672
{
        LOGFILE= $HOME/spammerhiding
        :0
        $HOME/spammerhiding.log
}

:0
* ^X-Mailer: The Bat!
{
        LOGFILE= $HOME/thebatcrap
        :0
        $HOME/thebatcrap.log
}



Received: from -1214334648 ([58.38.104.145])
        by deleted  (8.11.6/8.11.6) with SMTP id k6KF5Mb16420
        for <deleted>; Thu, 20 Jul 2006 11:05:23 -0400
Received: from graphimpressions.com (-1217230040 [-1214449216])
        by goodstitch.com (Qmailv1) with ESMTP id 91710279CB
        for <deleted >; Thu, 20 Jul 2006 08:07:33 -0700
Date: Thu, 20 Jul 2006 08:07:33 -0700
From: "Conservationists F. Divinest" <dbmaker at graphimpressions.com>
X-Mailer: The Bat! (v2.00.9) Personal

-------------- next part --------------
A non-text attachment was scrubbed...
Name: rowan.vcf
Type: text/x-vcard
Size: 235 bytes
Desc: not available
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060720/4bfce678/rowan.vcf

More information about the MailScanner mailing list