[H-GEN] Mail access file

David Duffy david at audiovisualdevices.com.au
Thu Aug 21 07:46:57 EDT 2003 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

I wrote:
>>The 150.101.179.78 is marvin's static ip address.  How can I reject
>>mail like this? I tried putting that ip address in /etc/mail/access
>>but that does not seem to have had any effect. Yes, I did do the
>>database re-build and re-start sendmail. Am I on the right track?

Mark Suter wrote:
> No.  Let's take a closer look at that suspect header you gave us:
> 
> 
>>Received: from 150.101.179.78 ([61.11.75.19])
> 
> 
> The address on the left is whatever the mailserver called itself
> with the "EHLO" command - it's red herring in this case.  Here's
> a complete example:
> 
>     $ nc -v mail.audiovisualdevices.com.au smtp
>     DNS fwd/rev mismatch: mail.audiovisualdevices.com.au != eth79.qld.adsl.internode.on.net
>     mail.audiovisualdevices.com.au [150.101.179.78] 25 (smtp) open
>     220 marvin.audiovisualdevices.com.au ESMTP Sendmail 8.11.6/8.11.6; Thu, 21 Aug 2003 22:12:11 +1000
>     HELO a-sample-string
>     250 marvin.audiovisualdevices.com.au Hello dyn232.bne1.homedsl.pacific.net.au [203.143.244.232], pleased to meet you
>     MAIL FROM:<suter at humbug.org.au>
>     250 2.1.0 <suter at humbug.org.au>... Sender ok
>     RCPT TO:<david at audiovisualdevices.com.au>
>     250 2.1.5 <david at audiovisualdevices.com.au>... Recipient ok
>     DATA
>     354 Enter mail, end with "." on a line by itself
>     Very simple test email.
>     .
>     250 2.0.0 h7LCD3t18388 Message accepted for delivery
>     QUIT
>     221 2.0.0 marvin.audiovisualdevices.com.au closing connection
> 
> Lesson: take care when reading headers!

I did realise that the 1st line of the header I included was
faked in some way. Only SPAM seems to have that characteristic
so I want to filter on it if possible. Is it indeed possible?

Even though I use SpamAssassin, I am getting fed up with all
the utter crap (SPAM) that arrives on a daily basis. It still
takes time to check my SPAM for false positives and anything
that can automate the process more would be great.
David...
-- 
___________________________________________
David Duffy        Audio Visual Devices P/L
U8, 9-11 Trade St, Cleveland 4163 Australia
Ph: +61 7 38210362   Fax: +61 7 38210281
New Web: www.audiovisualdevices.com.au
___________________________________________


--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list