Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - * in email addresses
  FAQ FAQ  Forum Search   Register Register  Login Login

* in email addresses

 Post Reply Post Reply
Author
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Topic: * in email addresses
    Posted: 14 April 2005 at 4:30pm

Wish # 3271:

I would love an option to flat out drop any message whose email address contains a "*" .... or, even more better (love that English) doen't not meet RFC.

Regards,

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4068
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 14 April 2005 at 6:37pm
We check for the "%" character and block that since some older SMTP servers have bugs/security holes that cause them to be open relays if they see that. However for the "*" that should only cause a non-delivery, since most likely you don't have a user with the "*" in the email address.

...or are you referring to a sender with the "*" in the address?
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
Desperado View Drop Down
Senior Member
Senior Member
Avatar

Joined: 27 January 2005
Location: United States
Status: Offline
Points: 1143
Post Options Post Options   Thanks (0) Thanks(0)   Quote Desperado Quote  Post ReplyReply Direct Link To This Post Posted: 14 April 2005 at 7:34pm

No .. The RCPT TO.  I am seeing a huge increase in attempts to send to things like ***dan@mydomain.com  and yes, they get blocked but also quarantined.

Dan

The Desperado
Dan Seligmann.
Work: http://www.mags.net
Personal: http://www.desperado.com

Back to Top
lead View Drop Down
Newbie
Newbie
Avatar

Joined: 08 March 2005
Status: Offline
Points: 18
Post Options Post Options   Thanks (0) Thanks(0)   Quote lead Quote  Post ReplyReply Direct Link To This Post Posted: 15 April 2005 at 5:46am
Sounds interesting.

How about modifiying the blacklists so to allow quarantine selection on each line.

eg keyword blacklist: (keyword, quarantine)

blockthis_dont_quarantine, false
blockthis_do_quatantine, true

Roberto, hope this didn't scare you?

Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4068
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 15 April 2005 at 7:08am
No scare at all. Let's wave the magic wand...

Done.

Take a look at the readme.html. below is the description for one entry. There are a few more (but not the keywords...) that allow the use of a NULL option to bypass the quarantine.

  • Blacklisted Domains - You can keep a file with additional Domains that you want to blacklist (based on the MAIL FROM field) by entering them below below. Enter one domain per line, wildcards (* and ?, same rules as DOS wildcards) are allowed. You can also use Regular Expressions (RegEx). If the file does not exist it will be created. The file is reloaded every minute. The contents of the file will be loaded in the memo box, allowing you to make changes to the file. This list supports the :NULL option to send emails in a black hole. If an entry is in the form domain1.com:NULL it will cause all emails from domain1.com to be accepted and then sent to NULL right away. Such emails will not cause NDRs, they will not be quarantined, they will not be seen by the users. If an entry is in the form domain1.com:NoNDR such emails will not cause NDRs as in the DoNotSendNDROnQuarantine parameter in the ini file.


Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
lead View Drop Down
Newbie
Newbie
Avatar

Joined: 08 March 2005
Status: Offline
Points: 18
Post Options Post Options   Thanks (0) Thanks(0)   Quote lead Quote  Post ReplyReply Direct Link To This Post Posted: 15 April 2005 at 7:23am
Thanks for the polite RTFM 

I must admit I haven't read it in a while.


Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.109 seconds.