Am 2006-11-19 13:18:08, schrieb Google Kreme:
On 18-Nov-2006, at 09:37, Michelle Konzack wrote:
all received spams has exactly this "(helo=[12.34.56.78])" construct.
Wait. Are you using the valid IP address 12.34.56.78 as a poorly
chosen placeholder, or do you really mean it's from AT&T Worldnet?
I get severasl 1000' per day from this network!
I have tried to block the Network but the I block friends too and
those friends have a correct "helo" in the received headers.
Do you have tried an Reverse-Lookup on the IP?
This is definitivly NO legal SMTP-Relay.
12.34.56.789 would be a much better placeholder, as it is an
impossible IP.
Right but it can not be since [A.B.C.D] is taken from the sending IP
And since I have millions of SPAM in my Folders I have enough
to test all possible filters.
Greetings
Michelle Konzack
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail