[bogofilter] using block_on_subnets
relson at osagesoftware.com
Thu Apr 29 07:36:01 EDT 2004
On 29 Apr 2004 07:30:16 -0400
Tom Anderson wrote:
> On Wed, 2004-04-28 at 10:53, David Relson wrote:
> > 'Tis interesting to note that my mail server is spammish. Evidently
> > spam includes the IP address 3 times as often as does ham.
> I can only imagine that this is due to the fact that spammers
> purposely insert the IP of the receiving server as the helo string. I
> noticed this behavior on some of my more stubborn spam, which is why I
> now have"helo-" prepended to all helo strings before passing through
> bogofilter. They may also insert a fake received line which would
> appear to be produced by the receiving mail server, but isn't. I
> strip these out now, only allowing an unbroken chain of mail servers.
> You may find the block-on-subnets option more useful if you take these
> precautions to weed out known-bad data.
> BTW, I was just playing around with "bogoutil -p"... is there any way
> to provide tokens with wildcards?
"Any" covers a lot of territory:-) Doing all the work in bogoutil would
require reading the whole wordlist and applying the wildcard.
A bit more complex, but using the command line's capabilities, is to use
"bogoutil -d | egrep | awk print $1 | bogoutil -p".
More information about the Bogofilter