If it's all spam then why not?
On 10/30/2013 7:41 AM, William A. Fink wrote:
I have a brief question. I'll provide my setup though isn't applicable.
I'm using SpamAssassin version 3.3.1, on FreeBSD 8.1-RELEASE
I'm using Sendmail for my MTA
I'm using Procmail for my local
My question is: The SMTP protocol allows a return address to be
'<u...@ip-address.com>' and 'u...@ip-address.com' and some other variations,
I'll assume.
My background knows that nearly _all_ mail when transferred uses
'u...@domain-name.com' or '<u...@domain-name.com>'
This AM I was researching an email (spam) that I received and the actual
(hard-core) email-header and noticed they're using something similar to:
"user@some-domain@ip-address" and it's getting through.
My _real_ question is:
Can't I simply blacklist all/any emails that arrive where they're using
'user@ip-address' - while that's a rhetorical question, (I know I can) but
I'm looking for feedback as to why this would not be a good idea. ANY
respectable/legitimate MTA uses their domain-name as the latter part of the
return address, correct?
Feedback is more what I'm looking for on my question versus an answer to
'can I?' do this.
I will not care if there is that small percentage of MTA's that are/do
legitimately send using the IP address method. (Another discussion,
perhaps?)
If this is logical, how would I enter that in my local.cf ??
' blacklist_from @"[0..255].[0..255] .[0..255] .[0..255]"
(With/WithOUT quotes?)
...or is the REALLY a very bad idea?
Thanks so much for your assistance in advance.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
