Because some plonker is using my domain as a return-path when sending
their spam, _I_ get a legitimate message from the intended recipient
telling my I've sent a spam.
As most of these messages are from "postmaster" or "Mailer-Daemon" or
similar, I intend to drop messages depending on the sender, but only if
the message is not for a whitelisted recipient of my domain.
The part I need help with is what and how to match the sender. For
example, I have this variation in some of my already blocked messages:
(Envelope From)
From MAILER-DAEMON Sun Oct 1 16:39:40 2006
from ip-195-14-188-161.bnk.lt [195.14.188.161]
from batidos de mango to crabcakes. They can meet artists and artisans
From dezeekant-tex(_at_)dezeekant-tex(_dot_)com Sun Oct 1 22:34:40 2006
(Message From:)
From: Mail Delivery System <Mailer-Daemon(_at_)yourhostingaccount(_dot_)com>
From: Mail Delivery Service
<postmaster(_at_)cluster(_dot_)t-systems(_dot_)com(_dot_)br>
From: MAILER-DAEMON <>
From: "Internet Mail Delivery" <postmaster(_at_)us(_dot_)army(_dot_)mil>
From: Mail Delivery System
<Mailer-Daemon(_at_)casiquiare(_dot_)dattaweb(_dot_)com>
From: E-mail Firewall <postmaster(_at_)fhda(_dot_)edu>
From these examples, which header should I match on (or is there
another more reliable header)? As I would need to match on (eg.)
'postmaster' wherever it may appear in the header, should I be matching
the entire header and use fgrep?
Thanks,
Steve :)
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail