On Tue, 19 Oct 2004, Simon Byrnand wrote:
To do that though, you would need a foolproof, programatic way of getting an MTA to recognise a Mailwasher forgery and seperately handle it. Has anyone done this yet for any popular MTA's ? It's one thing for a human to be able to look at the headers and spot them reliably, but another for it to be automated. (Think spam filtering - FP's and FN's etc) The overhead would need to be pretty low too, since mailservers have a hard enough time filtering junk as it is...
The message-id has mx1.yourdomain.co.nz as it's host. Also the from address (and the message-id) will use the domain of the customers email address. This is a good way to grep them out of the mail logs. So if you bounce emails from a different domain than what customers are using (ie customers use paradise.net.nz for email and the mail servers generate bounces from tsnz.net) then they are pretty easy to spot. The best trick is to reject emails from MAILER-DAEMON(a)yourdomain.co.nz from customer IPs, or similar. I'm told it even pops up an error to the mailwasher muppet when you do this. If you are really good you could make the error tell them to contact mailwasher support. As aothers having stated the only long term method of fixing the problem is to shift the support costs onto the mailwasher authors. -- Simon J. Lyall. | Very Busy | Mail: simon(a)darkmere.gen.nz "To stay awake all night adds a day to your life" - Stilgar | eMT.