[IMGate] Re: check_recipient_maps

Tue, 18 Feb 2003 17:19:12 -0800 

So, how's everybody getting along with check_recipient_maps?


Here's spam-stats.pl for an IMGate I admin and I turned on 
check_recipient_maps which the first real filter in the restrictions list, 
at 11 AM this morning:

       1        ETRN Mail theft attempt
       3        ACL mta_clients_onedict
       3        ACL to_recipients_white
       4        SMTP invalid [EMAIL PROTECTED]
       4        ACL from_senders_clueless
       8        ACL mta_clients_relay
      13        ACL to_local_recipients unknown recipient
      26        SMTP invalid [EMAIL PROTECTED]
      34        SMTP Exceeded Hard Error Limit after MAIL
      59        ACL mta_clients_pipel (pipelining)
      84        ACL body checks
      87        ACL helo_hostnames
     136        ACL mta_clients_senders_regexp
     145        ACL unauthorized relay
     234        ACL header checks
     248        ACL from_senders_nxdomain
     464        ACL mta_clients_bogus
     583        SMTP Exceeded Hard Error Limit after DATA
     843        ACL from_senders_black
     959        ACL mta_clients_slet
    1036        SMTP sender address verification in progress
    1213        SMTP unauthorized pipelining
    1252        ACL mta_clients_blaksender
    1646        RBL rbl-plus.mail-abuse.org
    2030        ACL from_senders_regexp
    5546        ACL to_recipients_dead
    5710        SMTP sender address undeliverable
    6157        SMTP Exceeded Hard Error Limit after RCPT
    6573        DNS no A/MX for @sender.domain
    6907        ACL mta_clients_dead
    7667        ACL from_senders_slet
    7668        DNS timeout for MTA PTR hostname (forged @sender.domain)
    7674        ACL from_senders_black_regexp
   12348        ACL mta_clients_bw
   13516        ACL [EMAIL PROTECTED]
   13837        DNS nxdomain for MTA PTR hostname (forged @sender.domain)
   16609        SMTP sender address unverifiable
   23535        ACL to_relay_recipients unknown recipient  <<<<<
   39053        ACL to_recipients_repexp ( will now goto to_relay_recipients)
=========================================
  183915        TOTAL


so, it's another important feature for postfix and IMGate.  and harvesting 
the ip's and sender.domains of the to_relay_recipients will be, as before, 
a very good source of new rules.

And here's a 2 new lines for spam-stats.pl to catch the new 
check_recipient_maps log lines wraps:

elsif (/unknown in relay recipient/i)  { $count{"ACL to_relay_recipients 
unknown recipient"}++ }

elsif (/unknown in local recipient/i)  { $count{"ACL to_local_recipients 
unknown recipient"}++ }

Len

Reply via email to