From: (no name) (no email)
Date: Tue Aug 02 2005 - 07:03:21 EDT
wrote:
>Hi Postfix fans,
>
>I want to create a spam filter. I have created several filters but there
>are still 2 patterns which I can't match. Perhaps somebody has a nice idea?
>
>Pattern a) I want to make sure the "EHLO named domain" and the "MAIL FROM:
>domain" are the same. How would I do this?
>
>
>miyasita at ns1:/etc/init.d> telnet mail.mydomain.net 25
>Trying xxx.xxx.xxx.xxx...
>Connected to mail.mydomain.net.
>Escape character is '^]'.
>220 mail.mydomain.net ESMTP Postfix (Debian/GNU)
>EHLO yahoo.com
>250-mail.mydomain.net
>250-PIPELINING
>250-SIZE 10240000
>250-VRFY
>250-ETRN
>250-STARTTLS
>250 8BITMIME
>MAIL FROM:
>250 Ok
>RCPT TO:
>250 Ok
>DATA
>354 End data with <CR><LF>.<CR><LF>
>my spam text goes here
>.
>250 Ok: queued as 577282832
>
>This shouldn't be!!
>
>
>Pattern b) I want to make sure the "EHLO named domain" has the same IP as
>the client itself and/or the "MAIL FROM: domain". How would I do this?
>
>
>Thank you for any ideas and feedback.
>
>Best regards
>
>Nils Valentin
>Tokyo / Japan
>http://www.be-known-online.com
>
>
May I just say, BAD IDEA IMHO!
Just look at your own post to the list and you will see why:

Received: from deuce.deuceswilddesigns.com (unknown [66.225.199.50])
    by english-breakfast.cloud9.net (Postfix) with ESMTP id 41231B389 for
    <>; Tue, 02 Aug 2005 06:21:49 -0400 (EDT)
Received: from beknown by deuce.deuceswilddesigns.com with local (Exim 4.50)
    id 1Dztu8-0004oi-9T for ; Tue,
    02 Aug 2005 10:21:48 +0000
Received: from 127.0.0.1 ([127.0.0.1])
    (SquirrelMail authenticated user )
    by www.be-known-online.com with HTTP; Tue, 02 Aug 2005 10:21:48 +0000 (UTC)

Pattern A would fail because:
    MAIL FROM =
    HELO/EHLO = deuce.deuceswilddesigns.com (unknown [66.225.199.50])

Pattern B would fail because: (verified using DNS Stuff's rDNS lookup)
    HELO/EHLO = deuce.deuceswilddesigns.com (unknown [66.225.199.50])
    PTR = 66.225.199.50 PTR record: *unknown.ord.scnet.net.* [TTL 3600s]
    [A=None] **ERROR** A record does not point back to original IP.
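
The point made in the reply above, as an added example that is not part of the original thread: both proposed checks written against Postfix policy delegation attributes (helo_name, sender, client_name) and run on the list post itself. The sender address is a placeholder because the page elides it, client_name=unknown mirrors the "unknown [66.225.199.50]" in the Received header, and counting a HELO host inside the sender domain as a match is an assumption.

```python
# Added example (not from the thread); the sample requests are constructed.

def parse_policy_request(text):
    """Parse one policy delegation request (name=value lines) into a dict."""
    attrs = {}
    for line in text.strip().splitlines():
        name, sep, value = line.strip().partition("=")
        if sep:
            attrs[name] = value
    return attrs

def _norm(host):
    return host.strip().rstrip(".").lower()

def pattern_a(attrs):
    """HELO/EHLO name must be the MAIL FROM domain or a host inside it."""
    helo = _norm(attrs.get("helo_name", ""))
    domain = _norm(attrs.get("sender", "").rpartition("@")[2])
    return bool(helo and domain) and (helo == domain or helo.endswith("." + domain))

def pattern_b(attrs):
    """HELO/EHLO name must equal the client's DNS-verified hostname."""
    client = _norm(attrs.get("client_name", ""))
    return client not in ("", "unknown") and client == _norm(attrs.get("helo_name", ""))

def evaluate(text):
    attrs = parse_policy_request(text)
    failed = [n for n, check in (("A", pattern_a), ("B", pattern_b)) if not check(attrs)]
    return "REJECT failed pattern " + "+".join(failed) if failed else "DUNNO"

# The list post from the reply. HELO, client IP and PTR come from its Received
# header and rDNS lookup; the sender is a placeholder (elided on the page).
LIST_POST = """
request=smtpd_access_policy
helo_name=deuce.deuceswilddesigns.com
sender=user@sender-domain.example
client_address=66.225.199.50
client_name=unknown
reverse_client_name=unknown.ord.scnet.net
"""
# Constructed request in which every name agrees.
MATCHING = """
helo_name=mail.example.org
sender=user@example.org
client_name=mail.example.org
"""

if __name__ == "__main__":
    print(evaluate(LIST_POST), "|", evaluate(MATCHING))
```

A request with an empty sender (the null envelope sender used by bounces) also fails pattern A in this sketch, since there is no domain to compare.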