I have a feeling someone may have already thought of this, but I've been tossing this idea around in my head lately.
If you're scanning on a domain basis (or just one account) and you drop a copy of every identified spam into a place for later review, couldn't we somehow extract the IP address of the last relay in the Received lines? Assuming someone manually reviews a bunch of spam they could run a script on the headers of say 50-100 messages and create a list of "known bad relays" to locally refuse spam from via badmailfrom or sendmail's /etc/mail/access.db file. Has this idea been thought of? Sure, the equivilant would be to just forward these messages to ORDB or a similar blacklist, but maybe this would be more effective? ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
