On 05/27/02 at 23:18, Neil Herber wrote:
> I have tried to set up router entries to spam trap mail that is being
> sent to me and to a domain I never expect to exchange mail with.
>
> The mail comes addressed like this:
>
> >To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> >Subject: Raging Hard Erection Formula.
> >Cc: [EMAIL PROTECTED]
> >Cc: [EMAIL PROTECTED]
> >Cc: [EMAIL PROTECTED]
> >Cc: [EMAIL PROTECTED]
> >Cc: [EMAIL PROTECTED]
> >... lots more at eskimo.com
> >Cc: [EMAIL PROTECTED]
> >... lots more
>
> The router rules I tried were:
>
> *@mail.eskimo.com = spamtrap
>
> <*@mail.eskimo.com> = spamtrap
>
> <*@mail.eskimo.com> = spamola
> <spamola> = spamtrap
>
> but none of them seem to work. I tested by sending mail to myself
> (from another server) and CCing a "mail.eskimo.com" address.
>
> I suspect that the problem is that "mail.eskimo.com" is not local to
> me, so the spamtrap can't work. It seems to only work on local
> addresses. The "spamola" rules were an attempt to make it local.
Well, enclosing the 'foreign' address in angle brackets '<>' makes the
router treat it as a local address. But, I think the real problem is that
the mail.eskimo.com addresses that you're trying to spamtrap are not being
given to your SIMS server in a 'RCPT TO' command. There's no reason for
them to be, since the sending MTA isn't trying to deliver to those
addresses at your server. SIMS only sends envelope addresses (i.e. RCPT TO
arguments) through the router, and it doesn't look at the message headers,
which are part of the message data, so your router entries never see the
addresses that you're trying to spamtrap.
> Any suggestions on how to get this to work gratefully received. I
> thought I understood the router until now ...
I'm afraid you'll need to find some other criterion that SIMS can act on.
If there's any sort of pattern to the Return-Paths of the spams, you might
be able to route it to error. Otherwise, you're probably stuck with
blacklisting the relay IP address(es).
--
Christopher Bort | [EMAIL PROTECTED]
Webmaster, Global Homes | [EMAIL PROTECTED]
<http://www.globalhomes.com/>
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
