On Thu, 16 Oct 2008, Randy wrote:
John Hardin wrote:
How does the MTA block on a domain name _in the message body_ without
passing it to a filtering application?
Postfix can do this so my suggestion stands. Look for body_checks in
Postfix.
I wasn't aware postfix had that as a builtin. I stand corrected.
However, as mouss pointed out, the body scanning capabilities in postfix
(and milter-regex) are simpistic compared to the decoding abilities in SA.
They'd certainly suffice to prune the low-hanging fruit, as this example
was, but would not be robust in the face of obfuscation (which is not a
reason to avoid using them!).
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
15 days until Halloween
