spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ".rp" <>
Subject possible idea for backscatter problem
Date Wed, 07 May 2008 21:58:34 GMT
One of the users (actually the boss) had the email address harvested and we got clobbered 
by backscatter. Looking at the emails of the various 'unable to deliver' type messages, I
what these could be filtered on, but don't know how to write up and implement the rule 
outside of procmail. I don't want to use procmail for this since it I think it would be an

expensive routine for procmail to run.

In the body of the 'unable to deliver' message, the original message is quoted. One of the

lines quoted is the Message-ID: header from the original. The format of this line is always

wrong as it does not contain the FQDN that our server appends to the end of the hash 
number , following the '@' symbol .

So, need a rule that would parse the "Message-ID:" in the body (or attachment) and not 
header, and look for the @FQDN 
Is this rule already out in the wild?

View raw message