[Esd-l] ZIP scanning, take two (repost)
simon at paxonet.com
Mon Feb 23 11:35:17 PST 2004
At 10:27 AM 2/23/04 -0800, John D. Hardin wrote:
>On Mon, 23 Feb 2004, Karl L. Dunn wrote:
> > I like the idea (posted by Simon Matthews <simon at paxonet.com>) of
> > selecting policy via whenced received, e.g. DNS-verified retrun
> > path. It might mean script bloat, though.
>That's fairly easy to do with standard procmail, I see no real need to
>do it within the sanitizer.
I'm not sure that I made myself clear.
SA deduces (or is configured) to understand a set of mail relays that are
considered trusted. It tracks the "received" headers from the first header
and identifies the received lines beyond the trusted networks to find
untrusted relays. Hence, even if a spammer puts in a fake received header
that matches my private LAN ip addresses, SA will realize that these are
fakes. If Procmail can do this, great. I'm just not sure that Procmail can
do anything beyond scanning all the received lines for matching patterns.
More information about the esd-l