This is a bad idea. Most spam comes from forged addresses, and your understandable attempt to warn that you're deleting mail can result in a distributed denial of service attack against an innocent user (see Joe Job). Either bounce at the MTA, or if you can't do that, drop the mail on the floor.
More info is at http://wiki.apache.org/spamassassin/DeletingAllMailsMarkedSpam - dan -- Dan Kohn <mailto:[EMAIL PROTECTED]> <http://www.dankohn.com/> <tel:+1-650-327-2600> -----Original Message----- From: David A.Roth [mailto:[EMAIL PROTECTED] Sent: Friday, July 23, 2004 14:24 To: [EMAIL PROTECTED] Subject: Filtering with Procmail before it goes to spamassassin. I have been using Spamassassin (SA) for my domain and it suits my needs. Lately I have been getting a lot of spam spoofed bounced e-mail using my domain. The spammers don't use a valid user name from my domain, so I can't simply add them to the SA blacklist. I decided I only want e-mail mail addressed To: me@ & webmaster@ be allowed through. Everything else can go to /dev/null. However, if someone has a typo user name as legit e-mail to my domain, I feel they should get a reply letting them know that their 'typo' doesn't exist. At the same time, I don't want to have it reply from a valid e-mail address since it must just get added by spammers and I really want them to send it to a correct e-mail address (perhaps noreply@ ?) I assume what I described above is a good task for Procmail? I'm still getting up to speed on Procmail and would like to find examples of what I described above done, so that after Procmail does its job, it then passes the properly addressed e-mail to SA. Thanks in advance, David Roth rothmail at comcast.net
