P.S. I wrote: > For a couple months some spam
with fake Received > penetrated greylisting (I think that only one > Russian botnet uses same $sender_address in all instances of same spam > necessary for penetrating greylisting), but if I'm not mistaken, > for last couple weeks that botnet switched to no fake Received line at all. but with other recognizable signs in the header. I'm testing a new complex set of conditions. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
