ACME Labs mail filtering tutorial

[Piotr KUCHARSKI]

On Fri, May 27, 2005 at 11:07:13AM -0700, Jef Poskanzer wrote:
> It's inherent in the way they are set up, ceding control of your
> mail system to a third party with no check on corruption.  Do not
> use DNS-RBLs.

You can use them efficiently for scoring. I patched postfix to
not reject, but deliver mail with 'X-Reject' header inserted.
Header contains an output of whatever restriction it followed, 
RBLs included. This way I can train bogofilter with spam that
was not caught by bogofilter in the first run, but got some X-Reject
headers.

p.

PS Examples of X-Reject header:

X-Reject: 550 <Sheena at zapad.msk.ru>: Sender address rejected: undeliverable
        address: host mailserver.ratelecom.net[212.5.89.11] said: 550 
        Sheena at zapad.msk.ru unknown user account (in reply to RCPT TO command)
X-Reject: 554 Service unavailable; Client host [193.219.28.149] blocked using
        dnsbl.sorbs.net; Exploitable Server See: 
        http://www.dnsbl.sorbs.net/lookup.shtml?193.219.28.149
X-Reject: 554 Service unavailable; Client host [82.236.236.120] blocked using
        dnsbl.sorbs.net; SOCKS Proxy See: 
        http://www.sorbs.net/lookup.shtml?82.236.236.120 / HTTP Proxy See: 
        http://www.sorbs.net/lookup.shtml?82.236.236.120
X-Reject: 450 <210.183.145.84>: Helo command rejected: Host not found
X-Reject: 554 Service unavailable; Client host [218.187.44.195] blocked using
        dnsbl.sorbs.net; Dynamic IP Addresses See: 
        http://www.dnsbl.sorbs.net/lookup.shtml?218.187.44.195
X-Reject: 504 <DHMTLJ11>: Helo command rejected: need fully-qualified hostname

-- 
Beware of he who would deny you access to information, for in his
heart he dreams himself your master.   -- Commissioner Pravin Lal
http://nerdquiz.sgh.waw.pl/  -- polska wersja quizu dla nerdów ;)