I have a brief question. I'll provide my setup though isn't applicable. I'm using SpamAssassin version 3.3.1, on FreeBSD 8.1-RELEASE
I'm using Sendmail for my MTA I'm using Procmail for my local My question is: The SMTP protocol allows a return address to be '<u...@ip-address.com>' and 'u...@ip-address.com' and some other variations, I'll assume. My background knows that nearly _all_ mail when transferred uses 'u...@domain-name.com' or '<u...@domain-name.com>' This AM I was researching an email (spam) that I received and the actual (hard-core) email-header and noticed they're using something similar to: "user@some-domain@ip-address" and it's getting through. My _real_ question is: Can't I simply blacklist all/any emails that arrive where they're using 'user@ip-address' - while that's a rhetorical question, (I know I can) but I'm looking for feedback as to why this would not be a good idea. ANY respectable/legitimate MTA uses their domain-name as the latter part of the return address, correct? Feedback is more what I'm looking for on my question versus an answer to 'can I?' do this. I will not care if there is that small percentage of MTA's that are/do legitimately send using the IP address method. (Another discussion, perhaps?) If this is logical, how would I enter that in my local.cf ?? ' blacklist_from @"[0..255].[0..255] .[0..255] .[0..255]" (With/WithOUT quotes?) ...or is the REALLY a very bad idea? Thanks so much for your assistance in advance.
