From: Alex van den Bogaerdt (no email)
Date: Thu Jun 03 2004 - 03:43:35 EDT
On Wed, Jun 02, 2004 at 11:45:45AM -0500, Noel Jones wrote:
> >110 million mail messages are spam (+30 million legitimate), of those
> >almost 5 million have To/From headers that Postfix replaces.. (monthly
> >statistics)
>
> I fix this with a header_checks entry that looks like:
>
> # remove From: headers that don't contain an "@"
> /^From:[^@]+$/ IGNORE
This will certainly help quite a bit, thanks Noel.
It may not always work against phishing.
Your suggestion also gave me an idea to experiment with:
/^From:[^@]+$/ PREPEND X-most-likely-forged: rfc822from
And then on the outgoing mailserver check for that header and HOLD,
or maybe route mail through a filter that checks for this header,
and if found replaces any From.
Am I right in thinking that header_checks is shortcut once a header
is matched? In other words: Am I doing something wrong when I try to
match the From line twice, once with PREPEND, once with IGNORE?
cheers,
Alex
|
|
|