Sidney Markowitz <[EMAIL PROTECTED]> writes:
> Don't you need to use the :0 HB in the rule, or even better do something
> with separate :0 and :0 B rules for those that are looking in the
> headers of the bounce message and those that are looking for your
> original mail inside the body?
That might work a tad better, yep. The Return-path: rule is header-only
as is the local sent Received: rule, but the others are body-only.
Justin's idea to use the IP address works too, but I did get a few false
positives for that exemption.
- I searched my ham and bounces for these Return-paths:
- <>
- <mailer.?daemon
- <postmaster
- <.*(virus|norton|amavis|symantec).*\@
- producing 787 messages for which looked for the following exemptions:
- locally received in header ("local")
- my From: header in body ("from")
- my Message-Id: in body ("msgid")
- my IP in body ("ip")
count exemptions verdict
638 none almost definitely blowback
51 ip from real bounces
24 local msgid real bounces
17 ip msgid real bounces
15 from local real bounces
12 local real bounces
9 ip from local real bounces
4 ip local msgid real bounces
4 ip from msgid real bounces
4 ip 2 real bounces, 2 blowback
3 ip from local msgid real bounces
3 from local msgid real bounces
2 from real bounces
1 msgid 1 blowback
count per each exemption:
ip 92
from 87
msgid 56
local 70
Hmmm... I accidentally added my MTA message-id format as an exemption,
producing that one "false positive" for msgid at the bottom.
--
Daniel Quinlan
http://www.pathname.com/~quinlan/
