[Mimedefang] Detecting bogus AOL addresses
Kelson Vibber
kelson at speed.net
Fri May 7 19:52:08 EDT 2004
I recently came across the specification for valid AOL addresses. It's
simple, and easy to put into a regexp. It's only blocked 8 messages in the
last few hours since I went from logging to rejecting, but that's 8 messages
that didn't need to be scanned for viruses or spam.
In case anyone else might find it useful, here's an abbreviated version of my
filter_sender:
sub filter_sender ($$$$) {
my ($sender, $ip, $name, $helo) = @_;
$sender =~ s/.*\<//;
$sender =~ s/\>.*//;
$sender = lc($sender);
# Check for bogus AOL addresses as described at
# http://postmaster.aol.com/faq/mailerfaq.html#syntax
# - all alphanumeric, starting with a letter, from 3 to 16 characters long.
if ($sender =~ /\@aol.com$/i && $sender ne 'mailer-daemon at aol.com'
&& $sender !~ /^[a-z][a-z0-9]{2,15}\@aol.com$/i) {
return ('REJECT', 'Forged AOL address detected.');
#md_syslog 'info', "$QueueID: Forged AOL address detected.";
}
return ('CONTINUE', 'ok');
}
--
Kelson Vibber
SpeedGate Communications, <www.speed.net>
More information about the MIMEDefang
mailing list