chris at westnet
Feb 3, 2004, 11:10 AM
Post #1 of 1
I posted this last week, but I don't think it made it to the list.
How to _not_ punish authenticated SMTP users for using dialup IPs? (fwd)
On Tue, 27 Jan 2004, Jens Benecke wrote:
> I'd like to NOT score mail from those people who authenticated via SMTP, but
> I'd still like to use the dial-up RBL for other people (sending spam and
> virii directly to our users) who don't authenticate.
What I did was to write a negative rule to trigger on the header added by
our sendmail for SMTP AUTH. The way I did it, I made sure it would have to
be customized for each site, so it wouldn't be easily forgeable.
For example, our server adds a header like this:
Received: from xxxxxx.xxx (ool-182c9a58.dyn.optonline.net [22.214.171.124])
by westnet.com (8.12.10/8.12.10) with ESMTP id i0SMwlf1005033
So my rule looks like:
header L_SMTP_AUTH Received =~ /^from [^ ]+ \([^)]*\)\s+\(authenticated bits=\d+\)\s+by westnet/
describe L_SMTP_AUTH Message was received locally via an SMTP AUTH connection.
score L_SMTP_AUTH -20
Chris Candreva -- chris [at] westnet -- (914) 967-7816
WestNet Internet Services of Westchester