Re: Many X- headers - possible spam sign?

Sat, 04 Oct 2014 04:49:50 -0700 


Am 04.10.2014 um 13:16 schrieb Axb:

On 10/04/2014 12:48 PM, Axb wrote:

On 10/04/2014 12:21 PM, Bernd Petrovitsch wrote:

Hmm,h.rei...@thelounge.net's list of "bayes_ignore_header"s could
(should?!) actually be part of SAa default setup.


For quite a while, I've been compiling a list for local use.
Merging Reindl's list I've come to 137 entries... and growing


MailScanner adds the "organisation" ID to the X headers so
atm there seems no way to nail these :(


on the other hand if do so it could be abused by send out a lot
of junk with a faked header to poison bayes with a organization
someone don't like - filters sometimes have two sides of a coin

just came in my mind because i got flooded this week by tons
of backscatters after some funny guy forged my private email
and sent out god knows how much junk

i have no evidence but a educated guess by timing that one
of the people  abusing me over a long time hired some botnet
to harm me - frankly a lot of that messages attached in the
bounces would have been rejected here by the origin PTR
______________________________________________________________

that was BTW the reason for the rules below to at least
not get bounces with "From: postmaster@someidiot.local"

# block invalid top-level domains in From-Headers
blacklist_from *.119
blacklist_from *.administrator
blacklist_from *.admin
blacklist_from *.adsl
blacklist_from *.arpa
blacklist_from *.bac
blacklist_from *.beeline
blacklist_from *.cici
blacklist_from *.coma
blacklist_from *.dhcp
blacklist_from *.dlink
blacklist_from *.dns
blacklist_from *.domain
blacklist_from *.dynamic
blacklist_from *.dyn
blacklist_from *.dyndns
blacklist_from *.firewall
blacklist_from *.gateway
blacklist_from *.gt_3g
blacklist_from *.gt-3g
blacklist_from *.hananet
blacklist_from *.home
blacklist_from *.internal
blacklist_from *.intern
blacklist_from *.janak
blacklist_from *.kornet
blacklist_from *.lab
blacklist_from *.lan
blacklist_from *.localdomain
blacklist_from *.localhost
blacklist_from *.local
blacklist_from *.loc
blacklist_from *.lokal
blacklist_from *.mail
blacklist_from *.nat
blacklist_from *.netzwerk
blacklist_from *.pc
blacklist_from *.private
blacklist_from *.privat
blacklist_from *.router
blacklist_from *.setup
blacklist_from *.skbroadband
blacklist_from *.tbroad




Attachment:
signature.asc

Description: OpenPGP digital signature






















					Reply via email to