Re: MS mail bombs
Michael C. wrote:
I am almost 100% positive that your mail server won't have a Bcc: header
for incoming mail.
In linux.debian.user, Ron Johnson <email@example.com> wrote:
On Sat, 2003-09-20 at 00:22, Steve Lamb wrote:
On Fri, 19 Sep 2003 23:08:42 -0600
"Walt L. Williams" <firstname.lastname@example.org> wrote:
Is there anyone else out there being mail bombed with emails
that look like there from M$? The rate at which their coming
is increasing exponentially.
My solution has been exim4, exiscan-acl, clamav, spamassassin and liberal
use of shorewall's blacklist.
Does that prevent the emails from being downloaded from the ISP's
pop3 server in the 1st place?
I asked this on alt.os.linux. I was told to search freshmeat.net for a
perl script called "poppy." It will get headers only, and ask what you
want to do with the mail one by one, but it also includes a script
called spamkill, which does okay.
I'm debugging some changes I made now. I tweaked it so if my email
isn't in the To:, Cc:, or Bcc: header it should be considered spam.
Right now To:, and Cc: both work.
I imagine you have some whitelist rule for exceptions like the
debian-user list which should have it's address in the To: line instead
of your address. Sometimes debian-user goes on the Cc: line, which you
must be watching for as well.
Happy mail filtering,