>Was grepping logs and noticed a pattern, I'm sure youve seen it. > >the usage of certain sender@ names that are common from spammer > >these could almost be part of a 'standard config' > >#Frequently Used sender addresses: ># >debsfunpages@ 554 ACL from_senders >optin@ 554 ACL from_senders >opt-in@ 554 ACL from_senders >do-not-reply@ 554 ACL from_senders >offers@ 554 ACL from_senders > >Anyone got any other suggestions, I can deploy?
I don't think is a good idea. esp something as innocuous and general as offers@. The local part needs to be fairly specific to avoid false positives. the domain part can be less specific. >Len, do you think any are so blatant and routine they could get rolled into >a map and >part of the 'standard config?' no I do think we can compile a from_senders_incorrible.map from all the @sender.domain. I know my advanced config has a from_senders.regexp that across many of my IMgate clients. Len
