Hello. I'm using spamd but am noticing that some SPAM is still coming though
It's probably more dev but I don't like posting to the dev/tech lists. If the ideas/info have merit, then perhaps it can be forwarded to that list. Can (or does) spamd look at the From:, do a MX/A record dns lookup and compare. it to the sender IP to see if it's valid during the SMTP transaction ? (I note if you put in a spamtrap email address it will do a straight IP block) e.g. Return-Path: <[EMAIL PROTECTED]> Delivered-To: [EMAIL PROTECTED] Received: (qmail 11000 invoked from network); 17 Jan 2007 17:19:49 -0000 Received: from host194.skytechinc.com (HELO mail.skytechinc.com) (63.111.223.194) by felix.chaossolutions.org with ESMTP; 17 Jan 2007 17:19:49 -0000 Received: from User ([86.127.117.209]) by mail.skytechinc.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 16 Jan 2007 17:51:43 -0500 Reply-To: <[EMAIL PROTECTED]> From: "Town North Bank"<[EMAIL PROTECTED]> Subject: Notification from North Town BANK ! Date: Wed, 17 Jan 2007 00:51:46 +0200 dig mx tnnb.com <SNIP> ;; ADDITIONAL SECTION: mx1.tnnb.com. 3600 IN A 208.217.213.106 So obviously the IP 63.111.223.194 does not belong to a tnnb.com mail server and can be blacklisted/tarpitted. Of course, you may want certain IP ranges whitelisted if they are important to you. You might want to allow/whitelist a specific, or a number of email addresses from an IP but greylist/blacklist the rest depending on your requirements. Can some of the above be discussed/implemented in spamd? Sorry, I don't program, just do some light scripting, but if I can see obvious SPAM's from the headers and a dns MX/A lookup, I would hope that spamd could be extended with options to catch and tarpit these people/servers/viruses etc. Regards...Martin