[Esd-l] smashing unknowns

Scott Taylor scott at dctchambers.com
Tue Jul 30 08:09:01 PDT 2002

This line is from a header in that last message I sent:
Received: from yangc-s9smikhab (unknown [])

Yesterday I put in a filter for ^Received: .*(unknown*)
to catch a lot of spam, and it worked great, but in about 4 hours I was 
getting calls from people (with poorly set up mail servers?) that were 
sending headers like this.

Here is the header, is that from the mail server or the client?

  From bwreid at vernon.com  Mon Jul 29 14:47:23 2002
 >From rolly  Mon Jul 29 14:47:23 2002
Return-Path: <bwreid at vernon.com>
Delivered-To: xxxxx at xxxxxxxxxx.com
Received: from liam.uiscan.com (liam.uiscan.com [])
         by xxxxxxxxx.com (Postfix) with SMTP id AE6CB85642
         for <xxxxx at xxxxxxxxxxx.com>; Mon, 29 Jul 2002 14:47:22 -0700 (PDT)
Received: (qmail 21606 invoked from network); 29 Jul 2002 21:48:08 -0000
Received: from unknown (HELO BWREID) (
   by liam.uiscan.com with SMTP; 29 Jul 2002 21:48:08 -0000
Message-ID: <006d01c23748$4ba54310$9009a8c0 at BWREID>

Here is the DNS server for that unknown, figures:
128.77.24.in-addr.arpa. 1800    IN      SOA     ns2ht.ok.shawcable.net. 

So, what I would like to do is catch these errors, and put them into a file 
like the sanitizer does with the quarantines, so if someone is missing an 
important email from a poorly set up ISP, it can be easily retrieved.

Any suggestions?

More information about the esd-l mailing list