[prev in list] [next in list] [prev in thread] [next in thread] 

List:       procmail
Subject:    Re: aol spam - forgeries?
From:       era eriksson <era () iki ! fi>
Date:       1999-02-23 6:53:54
[Download RAW message or body]

On Mon, 22 Feb 1999 14:13:48 -0800, Jerry Preeper <preeper@cts.com>
wrote:
 > Thanks for the tip on this.  As a heads up to others (especially those like
 > me just getting started) it did create a minor problem.  This recipe was
 > catching all my mail generated by online forms that generate email (like
<...>
 > didn't want to change them all, I just found a unique part of the header
 > that did get generated by the scripts to also add so that these would get
 > through.  
 > :0 f
 > * ! ^(To|Cc):
 > * ! ^Received:.*username@localhost
 > |formail -A "X-Spam-Reject: rc.to-cc-missing"

You mean :0fhw, and if this is supposed to be matching on

    Received: from blah (blah) by blah (blah) for username@localhost
                                                  ^^^^^^^^^^^^^^^^^^
then this will not work if one of your CGIs ever sends stuff to more
than one user on your host, and/or the spammers somehow manage to get
something injected where it will be passed locally (unlikely) or your
CGI server ever moves to a different server from your mail server (or
vice versa).

For the time being, if I were you, I'd simply filter out To-less mail
specifically from AOL and leave it at that. (And then fix those CGI
scripts ASAP.)

/* era */

-- 
.obBotBait: It shouldn't even matter whether    <http://www.iki.fi/~era/>
I am a resident of the state of Washington. <http://members.xoom.com/procmail/>

[prev in list] [next in list] [prev in thread] [next in thread]