[Esd-l] smashing unknowns
scott at dctchambers.com
Tue Jul 30 08:09:01 PDT 2002
This line is from a header in that last message I sent:
Received: from yangc-s9smikhab (unknown [22.214.171.124])
Yesterday I put in a filter for ^Received: .*(unknown*)
to catch a lot of spam, and it worked great, but in about 4 hours I was
getting calls from people (with poorly set up mail servers?) that were
sending headers like this.
Here is the header, is that from the mail server or the client?
From bwreid at vernon.com Mon Jul 29 14:47:23 2002
>From rolly Mon Jul 29 14:47:23 2002
Return-Path: <bwreid at vernon.com>
Delivered-To: xxxxx at xxxxxxxxxx.com
Received: from liam.uiscan.com (liam.uiscan.com [126.96.36.199])
by xxxxxxxxx.com (Postfix) with SMTP id AE6CB85642
for <xxxxx at xxxxxxxxxxx.com>; Mon, 29 Jul 2002 14:47:22 -0700 (PDT)
Received: (qmail 21606 invoked from network); 29 Jul 2002 21:48:08 -0000
Received: from unknown (HELO BWREID) (188.8.131.52)
by liam.uiscan.com with SMTP; 29 Jul 2002 21:48:08 -0000
Message-ID: <006d01c23748$4ba54310$9009a8c0 at BWREID>
Here is the DNS server for that unknown, figures:
128.77.24.in-addr.arpa. 1800 IN SOA ns2ht.ok.shawcable.net.
So, what I would like to do is catch these errors, and put them into a file
like the sanitizer does with the quarantines, so if someone is missing an
important email from a poorly set up ISP, it can be easily retrieved.
More information about the esd-l