procmail
[Top] [All Lists]

Re: procmail Digest, Vol 30, Issue 38

2005-07-27 14:52:43
On Wed, 27 Jul 2005 13:35:58 -0600, Ruud wrote:

What would you define as the "sender address"?
You could go for the same triple as greylisting uses:
 {SERVER-IP, SMTP-MAIL-FROM (=Sender), SMTP-RCPT-TO
(=Recipient)}
and treat every new triple as a potential spammer. Deliver
a report of a
stalled message to the Recipient(s) and let them click on
  Block / Maybe OK / Accept
where Block will insert the triple into the blocklist,
Accept will
insert the triple into the greenlist and deliver the
message, and Maybe
OK will only deliver the message but not change any list.
If the elements of the triple are not given to procmail
(like by
Sendmail, through parameters), then you'll have to try to
reconstruct
them from the message. There are often only limited ways
to do that.


My mail server is very cooperative and I think will be willing to fix  
sendmail so as to give the message envelope information to procmail as  
parameters, which will set environment variables.  The mail server people  
previously (Siteworks) expressed willingness to cooperate.  For reasons  
not related to blocking spam, I am very interested in having access to the  
envelope recipient information as well.

I like your idea very much. Once spam is positively identified as coming  
 from a given SERVER-IP, then all mail coming from that server could  
automatically be assigned a degree of suspicion.  Any legitimate email  
correspondents who mail is sent by that server could be notified of the  
fact that their server is a spammer.

I understand that the envelope SMTP-MAIL-FROM might easily be forged, the  
same as the message headers - correct?

(I'm receiving list mails in digest mode, so I can't make my replies  
follow threads, sorry.)

-- 
Regards, Lloyd
(1st email to me should contain "Standish" in message subject or body.)

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail

<Prev in Thread] Current Thread [Next in Thread>