article on blocking by subnets
David Relson
relson at osagesoftware.com
Tue Dec 3 03:05:59 CET 2002
At 08:56 PM 12/2/02, Barry Gould wrote:
>While thinking about how to test this, I was looking at the output of
>bogoutil -d on my 2 databases...
>
>I noticed that hosts from which I frequently receive mail were missing
>from both db's.
>
>E.g. a header would contain:
>Received: from mail.domain.com (domain.exo.com [209.25.7.9] (may be forged))
>
>the IP, 209.25.7.9, does not appear in either of my DB's, even though I
>get tons of ham (and forwarded spam) from that site.
>
>Is the parser throwing out the IP because of the []'s, or because it's not
>a 'significant' token?
>
>Barry
Barry,
The lexer should pass that on. Some header fields, like Message-ID: are
discarded.
Command "bogolexer -p < message" will print the tokens returned by the
lexer. If you think there's a problem, send me the message as a compressed
tarball.
David
More information about the Bogofilter
mailing list