[bogofilter] using block_on_subnets
Tom Anderson
tanderso at oac-design.com
Thu Apr 29 13:30:16 CEST 2004
On Wed, 2004-04-28 at 10:53, David Relson wrote:
> 'Tis interesting to note that my mail server is spammish. Evidently
> spam includes the IP address 3 times as often as does ham.
I can only imagine that this is due to the fact that spammers purposely
insert the IP of the receiving server as the helo string. I noticed
this behavior on some of my more stubborn spam, which is why I now have
"helo-" prepended to all helo strings before passing through
bogofilter. They may also insert a fake received line which would
appear to be produced by the receiving mail server, but isn't. I strip
these out now, only allowing an unbroken chain of mail servers. You may
find the block-on-subnets option more useful if you take these
precautions to weed out known-bad data.
BTW, I was just playing around with "bogoutil -p"... is there any way to
provide tokens with wildcards?
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://www.bogofilter.org/pipermail/bogofilter/attachments/20040429/70c014e7/attachment.sig>
More information about the Bogofilter
mailing list