On Sat, Jun 01, 2002 at 09:10:24PM -0400, Patrice Fournier wrote: > Would any of you have a rule to catch fake IPs in received: header lines? > Something to catch received lines like the followings:
I catch the bad IPs in procmail if SA didn't already snag it: # Received lines from IPs that aren't valid (255+.x.x.x) are spam. :0fh * ^Received:.*\[\/(25[6-9]|2[6-9][0-9]|[3-9][0-9][0-9])\..+ | formail -A "X-Reject: Suspect Received address: $MATCH" This could be turned into a SA rule very easily... -- Randomly Generated Tagline: "Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it ;)" - Linus Torvalds _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
