[Mimedefang] Blocking messages from two relays back
Stefano McGhee
SMcGhee at ARCweb.com
Fri Nov 8 16:05:01 EST 2002
Hello all,
Our domain has three MX records. One primary running MD, a second
only doing antivirus, and the third is our ISP. I recently closed the on
our firewall to our secondary MX server and saw the amount of spam we get
drop from 65% to less than 20%. This is great. Now I'm noticing spammers
going to the third MX, our ISP, instead. We have them as our third MX in
the event our T1 goes down. They hold our mail for a bit while the line
gets repaired. It's a useful service. However, now I cannot reasonably
evaluate the mail coming from them in MD or Sendmail's access_db because
the last relay was our ISP, not the spammer. I though that
mimedefang-ip-key might help, but that seems to be only useful if the ISP
used MD on that server. Is there any way around this? Can I evaluate the
HEADERS file and look for relays listed in the access_db? Any other ideas?
Cheers,
Stefano
More information about the MIMEDefang
mailing list