Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SpamAssassin: users

How to _not_ punish authenticated SMTP users for using dialup IPs? (fwd)

 

 

SpamAssassin users RSS feed   Index | Next | Previous | View Threaded


chris at westnet

Feb 3, 2004, 11:10 AM

Post #1 of 1 (244 views)
Permalink
How to _not_ punish authenticated SMTP users for using dialup IPs? (fwd)

I posted this last week, but I don't think it made it to the list.


On Tue, 27 Jan 2004, Jens Benecke wrote:

> I'd like to NOT score mail from those people who authenticated via SMTP, but
> I'd still like to use the dial-up RBL for other people (sending spam and
> virii directly to our users) who don't authenticate.

What I did was to write a negative rule to trigger on the header added by
our sendmail for SMTP AUTH. The way I did it, I made sure it would have to
be customized for each site, so it wouldn't be easily forgeable.

For example, our server adds a header like this:

Received: from xxxxxx.xxx (ool-182c9a58.dyn.optonline.net [24.44.154.88])
(authenticated bits=0)
by westnet.com (8.12.10/8.12.10) with ESMTP id i0SMwlf1005033


So my rule looks like:


header L_SMTP_AUTH Received =~ /^from [^ ]+ \([^)]*\)\s+\(authenticated bits=\d+\)\s+by westnet/
describe L_SMTP_AUTH Message was received locally via an SMTP AUTH connection.
score L_SMTP_AUTH -20


==========================================================
Chris Candreva -- chris [at] westnet -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/

SpamAssassin users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.