At 21:00 2002-12-05 -0500, Jefferis Peterson wrote:
How would you block this guy who has a non static ip within a certain range?
Methinks you wouldn't simply block messages from the IP range, because that
would thrash potential legitimate messages.
> Received: from sl1 (192.168.1.101) by
> lsanca1-ar16-4-46-030-203.lsanca1.dsl-verizon.net (LSMTP for Windows NT
v1.1b)
> with SMTP id
<0(_dot_)000091F6(_at_)lsanca1-ar16-4-46-030-203(_dot_)lsanca1(_dot_)dsl-verizon(_dot_)net>;
192.168.x.x is a non-routed IP address. That is dramatically different
than simply being non-static. If all the messages comain this "sl1"
machine name, I'd consider doing something like:
:0:
* ^Received:[ ]*from sl1\>.*lsanca1.dsl-verizon.net
twit.mbx
> X-Mailer: SMTPit - FileMaker Pro Email Plugin (win ver. 3.0.7)
You might add this to the conditions if it appears in each of the messages.
> From: Chemical and Radiation Detection
>
<support(_at_)lsanca1-ar16-4-46-030-203(_dot_)lsanca1(_dot_)dsl-verizon(_dot_)net>
ANYONE emailing *FROM* a domain like that is asking for trouble. If the
messages contain that format of identifier, I'd toss 'em -- that simply
isn't the type of domain someone is going to use for legitimate email:
:0:
* ^From:.*lsanca1.dsl-verizon.net
twit.mbx
[snip]
OTOH, perhaps we can just trash messages with 10+ line signatures...
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail