Request for comments

[Matt Kettler]

Alex Broens wrote:
> On 7/20/2007 7:36 PM, Matt Kettler wrote:
>> Alex Broens wrote:
>>> On 7/20/2007 6:55 PM, Steven Andrews wrote:
>>>> Why not?  I know specious argument, but this would work well so you
>>>> could apply a penalty or a credit to a certain domain.
>>>>
>>>> Blackberry devices are just an example, they always trigger certain
>>>> rules that push their scores up.  Are they going to change that fact?
>>>> Nope.  Do I want to lower the value of those rules?  Nope.  They catch
>>>> other traffic.  Do I want to whitelist blackberries entirely...no way.
>>>> If I had a mechanism to punish or credit a certain domain, that would
>>>> allow such a situation where I can keep rules intact but adjust the
>>>> spamminess of a domain.
>>> header BLACKBERY_PASSTHRU   Received =~
>>> /smtp[0-9]{2}\.\w+\.\w+\.blackberry\.com\b/
>>> score  BLACKBERY_PASSTHRU   -5.0
>>>
>>
>> Even better, use X-Spam-Relays-Untrusted. It's a fake header generated
>> by SA
>> that contains pre-parsed Received: headers. Its format is constant and
>> isn't MTA
>> specific. The first entry is the host delivering to your last trusted
>> server.
>> ie: if your trusted_networks isn't broken the last trusted server,
>> making the
>> machine dropping mail off at your network the first untrusted.
>>
>>
>> This little trick starts at the begining of the text (hence the first
>> ^) and
>> scans ahead for blackberry.com, but will sto if it encounters a ]
>> (which would
>> be the closing bracket of the end of the first entry)
>>
>> header BLACKBERY_PASSTHRU X-Spam-Relays-Untrusted =~
>> /^[^\]]+rdns=smtp[0-9]{2}\.\w+\.\w+\.blackberry\.com\n/
> 
> DOH!
> 
> used that for other stuff.. dunno why I didn't think of it for the
> "blueberrries"
> 
> thanks for the hint

No problem.