Thanks, this should do the trick.
Steve
on 06/17/05 12:37 Fred wrote the following:
One possible work around to this would be create a meta rule that fires when
more than one person is listed in To or CC boxes. Using this meta rule,
create another meta rule to counter the effects of having your "spam"
address used to mail multiple people.
Something like this:
header __MYSPAM_ADD ToCc =~ /[EMAIL PROTECTED]/i
header __MANY_RECPT ToCc =~ /(?:[EMAIL PROTECTED],30}){4}/
meta DONT_ABUSE_SPAMTRAP (__MYSPAM_ADD && __MANY_RECPT)
describe DONT_ABUSE_SPAMTRAP Please don't send e-mail to this address with
multiple recpts.
score DONT_ABUSE_SPAMTRAP 100
The rule __MYSPAM_ADD just checks for your spam reporting address.
The rule __MANY_RECPT just checks for 4 @ signs in either To or CC.
None of this is tested but it's how "I" would do it.
Frederic Tarasevicius
Internet Information Services, Inc.
http://www.i-is.com/
810-794-4400
Steve Roemen wrote:
We have an address setup that people who we reject based on spam/virus
can send a message to, to figure out why they are listed as spam. The
only problem with that is if a spammer sends a message to numerous
people, including this account, the spam is appended a score -100 and
is passed along. I am running sa version 3.0.2. Is there a way to
prevent this? Per recipient scanning when an all_spam_to is found?
Thanks,
Steve
|
