Check Headers with Rule Sets
Beginning with V8.10, sendmail provides the ability to screen selected headers with rule sets. This is described in detail in Section 25.5. In this section we show two more techniques for using header checks to reject spam messages:
Reject messages that have subjects which indicate that the message contains a virus.
Reject messages that have an illegally formed
Received: header.
Virus Screening by Subject
Many messages that contain viruses, worms, or Trojan horses have
distinctive subject lines, the text of which is usually reported in
the news. When a new virus is discovered, it is often quicker to
reject messages based on its reported subject line than it is to
await the latest update of your favorite virus filter software. But
this is only a temporary fix. Because legitimate email will often
share the same subjects, it is best to only screen on the
Subject: header between the time the virus is
detected and announced, and the time your virus screening software is
updated.
One way to screen by subject is to create a database of subject lines to reject, and then use that database in a subject checking rule set. Consider the following text file which contains one subject per line. The subject is to the left, the word REJECT is to the right, and the two are separated by one or more tab characters:
I Love You REJECT Visit Home Now! REJECT
If you were to call this file /etc/mail/spamsubjects, you could turn it into a database map with commands like this: ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
