OT: TLD domain changes
Ken A
ka at pacific.net
Thu Jul 31 20:04:25 IST 2008
Scott B. Anderson wrote:
> I can't block any email based solely upon its source TLD, even if it
> is China and I have no Chinese clients because some users may receive
> legit email from business contacts there, and this goes for a lot of
> countries, so I think MTA based domain filtering is out of the
> question. I've had a list in SA to limit the damage this causes but
> I was wondering about the infinite TLD change coming in a year or so
> and how to handle it. Do I get a list of the current ones and block
> everything from the new ones? I'm sure this won't work in the long
> run, but listing all the bad guys is impossible as well, so I'm
> thinking about doing something like adding (Spam Score - .5) to all
> emails from the new TLDs. Would this be easiest for MailScanner, SA,
> the MTA or some other software (like a milter) to accomplish?
>
>
>
> Scott Anderson sbanderson at impromed.com IT Administrator ImproMed,
> Inc.
>
>
SpamAssassin is the right place to do this.
If you are not already using IP addresses of countries rather than
easily forged TLDs, see
http://wiki.apache.org/spamassassin/RelayCountryPlugin
OR use zz.countries rbl:
header __RCVD_IN_NERDS eval:check_rbl('nerds','zz.countries.nerd.dk.')
describe __RCVD_IN_NERDS Received from a spam country
tflags __RCVD_IN_NERDS net
header RCVD_IN_NERDS_AR eval:check_rbl_sub('nerds','127.0.0.32')
describe RCVD_IN_NERDS_AR Received from AR
tflags RCVD_IN_NERDS_AR net
score RCVD_IN_NERDS_AR 2.0
Ken
--
Ken Anderson
Pacific.Net
More information about the MailScanner
mailing list