[Esd-l] ZIP scanning, take two (repost)

Simon Matthews simon at paxonet.com
Mon Feb 23 11:35:17 PST 2004

At 10:27 AM 2/23/04 -0800, John D. Hardin wrote:
>On Mon, 23 Feb 2004, Karl L. Dunn wrote:
> > I like the idea (posted by Simon Matthews <simon at paxonet.com>) of
> > selecting policy via whenced received, e.g. DNS-verified retrun
> > path.  It might mean script bloat, though.
>That's fairly easy to do with standard procmail, I see no real need to
>do it within the sanitizer.

I'm not sure that I made myself clear.

SA deduces (or is configured) to understand a set of mail relays that are 
considered trusted. It tracks the "received" headers from the first header 
and identifies the received lines beyond the trusted networks to find 
untrusted relays. Hence, even if a spammer puts in a fake received header 
that matches my private LAN ip addresses, SA will realize that these are 
fakes. If Procmail can do this, great. I'm just not sure that Procmail can 
do anything beyond scanning all the received lines for matching patterns.


More information about the esd-l mailing list