Date: Wed, 20 Jun 2001 19:50:51 -0400 (EDT) From: "Bruce M. Walker" <bmw@borderware.com> To: freebsd-security@FreeBSD.ORG Subject: Re: need help filter this stupid virus. Sendmail didnt stop this. Message-ID: <200106202350.f5KNopS18245@fusion.borderware.com> In-Reply-To: <200106202329.f5KNTPm07958@fusion.borderware.com> from "Bruce M. Walker" at "Jun 20, 2001 07:29:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Gah! Bad form to reply to my own msg, but I gave bad advice... Bruce M. Walker wrote: > > This syntax is supposed to match mail-header From: (or To:) lines... > > From:spammer@some.dom REJECT > To:friend.domain RELAY I'm way wrong! That just makes the match *specific* to envelope-from or -to, not internal mail headers. To add header checks in sendmail, see section "Header Checks" in /usr/share/sendmail/cf/README. It would look like this: LOCAL_RULESETS HFrom: $>CheckFrom SCheckFrom R< hahaha @ sexyfun . net > $#error $: 550 No spam. R$* $@ OK (This is untested!) That's why most people are using Procmail to handle these cases. Here's a hint: install Postfix in place of sendmail. You'll find the header-checks capability is extensive. Stopping this virus is pretty trivial. -bmw To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106202350.f5KNopS18245>