Hello.
I'm using spamd but am noticing that some SPAM is still coming though
It's probably more dev but I don't like posting to the dev/tech lists. If the
ideas/info have merit, then perhaps it can be forwarded to that list.
Can (or does) spamd look at the From:, do a MX/A record dns lookup and
compare. it to the sender IP to see if it's valid during the SMTP
transaction ?
(I note if you put in a spamtrap email address it will do a straight IP block)
e.g.
Return-Path: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
Received: (qmail 11000 invoked from network); 17 Jan 2007 17:19:49 -0000
Received: from host194.skytechinc.com (HELO mail.skytechinc.com)
(63.111.223.194)
by felix.chaossolutions.org with ESMTP; 17 Jan 2007 17:19:49 -0000
Received: from User ([86.127.117.209]) by mail.skytechinc.com with Microsoft
SMTPSVC(6.0.3790.1830);
Tue, 16 Jan 2007 17:51:43 -0500
Reply-To: <[EMAIL PROTECTED]>
From: "Town North Bank"<[EMAIL PROTECTED]>
Subject: Notification from North Town BANK !
Date: Wed, 17 Jan 2007 00:51:46 +0200
dig mx tnnb.com
<SNIP>
;; ADDITIONAL SECTION:
mx1.tnnb.com. 3600 IN A 208.217.213.106
So obviously the IP 63.111.223.194 does not belong to a tnnb.com mail server
and can be blacklisted/tarpitted.
Of course, you may want certain IP ranges whitelisted if they are important to
you.
You might want to allow/whitelist a specific, or a number of email addresses
from an IP but greylist/blacklist the rest depending on your requirements.
Can some of the above be discussed/implemented in spamd?
Sorry, I don't program, just do some light scripting, but if I can see obvious
SPAM's from the headers and a dns MX/A lookup, I would hope that spamd could
be extended with options to catch and tarpit these people/servers/viruses
etc.
Regards...Martin
