[H-GEN] Sendmail reverse lookup

Harry Phillips harry at tux.com.au
Mon Mar 8 07:05:08 EST 2004


Tony Melia wrote:
> This mail is probably spam.  The original message has been attached
> along with this report, so you can recognize or block similar unwanted
> mail in future.  See http://spamassassin.org/tag/ for more details.
> 
> Content preview:  --==============20765487=Content-Type: text/plain;
>   charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit
>   Content-Disposition: inline [ Humbug *General* list - semi-serious
>   discussions about Humbug and ] [ Unix-related topics. Posts from
>   non-subscribed addresses will vanish. ] [...] 
> 
> Content analysis details:   (5.40 points, 5 required)
> X_LOOP             (0.0 points)  Has a X-Loop header
> HTML_20_30         (1.2 points)  BODY: Message is 20% to 30% HTML
> HTML_MESSAGE       (0.1 points)  BODY: HTML included in message
> MISSING_OUTLOOK_NAME (0.6 points)  Message looks like Outlook, but isn't
> FORGED_MUA_OUTLOOK (3.5 points)  Forged mail pretending to be from MS Outlook
> 
> The original message did not contain plain text, and may be unsafe to
> open with some email clients; in particular, it may contain a virus,
> or confirm that your address can receive spam.  If you wish to view
> it, it may be safer to save it to a file and open it with an editor.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> Subject:
> [H-GEN] Sendmail reverse lookup
> From:
> "Tony Melia" <tony.melia at tmitc.com.au>
> Date:
> Mon, 8 Mar 2004 19:41:34 +1000
> To:
> "HGENERAL" <general at lists.humbug.org.au>
> 
> 
> [ Humbug *General* list - semi-serious discussions about Humbug and     ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
> 
> 
> 
> ------------------------------------------------------------------------
> 
> I seem to be getting a lot of spam lately on my redhat 9 box, I was 
> looking at getting sendmail to reverse lookup all incoming mails, but I 
> have read this can end up rejecting a small percentage of legitimate 
> mails.  Has anybody any experience doing this, is it safe, or will I end 
> up missing out on mails?  I could enable spamassasin, but frankly, I 
> can't find relevant documentation on how to 'switch it on' in redhat 9 
> (at least none I can make sense of).
> 
> Regards,
> Tony
>  

Tony,

Checkout what my SpamAssassin says about your e-mail :)

As for 'switching on' SA. I have spamd loaded during startup. I then 
have a global /etc/procmailrc file. In that file is the rule:

:0fw
* < 256000
* !^X-Loop: spamchecked_haz
	| formail -A "X-Loop: spamchecked_haz" | spamc


The first line is to forward the mail and then wait till it comes back.
Line 2 is so that mail bigger than 256k is not checked, spam is rarely 
larger than that.
Line 3 checks for a spcific X-Loop header, and doesn't check the mail if 
it exists.
Line 4 adds the X-Loop header and sends it off to SA.

I do it this way because I have a 'catchall' account on my web server. 
The 'shared' account has procmail rules to forward mail to the 
appropriate local user. So one piece of mail can go through the global 
procmailrc rules several times. The X-Loop makes sure it only gets SPAM 
checked once.

-- 
Regards,
Harry Phillips
--- Failure is not an option,
     it comes bundled with your Microsoft product.





More information about the General mailing list