David <[EMAIL PROTECTED]> writes:
> --- Ole Wolf <[EMAIL PROTECTED]> wrote:
>> As Cory Wright mentioned, most of the Yahoo spam doesn't come from a
>> Yahoo
>> server. Doesn't this indicate that if the problem is to be dealt with
>> on the
>> MTA level, part of the problem might not really be Yahoo and Excite?
>>
>
> I remember seeing this mentioned several times on the qmail list. There
> was some discussion there about a patch that someone created that would
> compare the sender's domain name against the actual domain name of the
> mail server from where the mail was sent... and was able to do a
> reverse lookup of the mail server's IP Address to confirm this. At
> least that's the way I remember it. Either way, that's something that
> should be done at the MTA.
>
> What Jason is suggesting is different, because a whitelist cannot be
> checked as easily at the MTA level. So the MTA has to accept the mail
> and then TMDA can reject it if it's not in the whitelist.
Well, at least with my MTA (Courier), a whitelist can indeed be checked.
What I do is this:
I have a script that reads my TMDA whitelist and blacklist and stores
their data in a perl hash that I serialize into disk via perl's Storable
package. I cause this script to run whenever my whitelist or blacklist
change. I use Courier's "courierperlfilter" mechanism to run my own
perl script that uses Storable to read this hash off of disk, and then
to look at the header fields of the incoming messages. I accept or
reject messages at this point based on the hashed whitelist/blacklist
data and other criteria from the headers.
If a message is rejected at this point, it's during the SMTP dialog. I
cause a "550 error message of my choice" to be returned to the
connecting process.
I believe that something like this is also doable under other MTA's.
The logic that I will soon be putting into my "courierperlfilter" is
something like this (pseudo-code):
if address in ( <whitelist> )
accept message
else if envelope-domain != sender-domain
reject messasge
else if envelope-domain in ( hotmail.com excite.com [ etc ... ] )
reject message
endif
> This is an interesting topic and I'll be following this thread to see
> other comments. I'd be interested in seeing what becomes of this.
>
> David
--
Lloyd Zusman
[EMAIL PROTECTED]
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
