Header checks

From Hackepedia
Jump to navigationJump to search
# Important! This might break stuff. Once you have installed it, do a # postfix reload while running tail -f /var/log/mail.log and watch for errors. Send some text emails using the subjects below and watch what happens
# This should block everything from 1900-2012.
/^Date: .* 200[0-12]/ REJECT Spam Header Past Date 2000s
/^Date: .* 19[0-9][0-9]/ REJECT Spam Header Past Date 1900s
/^Subject: .*Make Money Fast!/ REJECT  
/^Subject: .*Loan Offer/ REJECT Not looking for a loan thanks
/^Subject: *Your email contains VIRUSES/ DISCARD virus notification
/^Content-Disposition:.*VIRUS1_DETECTED_AND_REMOVED/
       DISCARD virus notification
/^Content-Disposition:.*VirusWarning.txt/ DISCARD virus notification
# Do not accept these types of attachments
/^Content-(Type|Disposition):.*(file)?name=.*\.(bat|com|exe)/ REJECT Bad Attachment .${3}
# non-RFC Compliance headers
/[^[:print:]]{7}/  REJECT 2047rfc
/^.*=20[a-z]*=20[a-z]*=20[a-z]*=20[a-z]*/ REJECT 822rfc1
/(.*)?\{6,\}/ REJECT 822rfc2
/(.*)[X|x]\{3,\}/ REJECT 822rfc3
# Unreadable Language Types? -- NON-acsii un-printable
/^Subject:.*=\?(GB2312|big5|euc-kr|ks_c_5601-1987|koi8)\?/ REJECT NotReadable1
/^Content-Type:.*charset="?(GB2312|big5|euc-kr|ks_c_5601-1987|koi8)/ REJECT NotReadable2
/^Subject: =?big5?/     REJECT Chinese encoding not accepted by this server
/^Subject: =?EUC-KR?/   REJECT Korean encoding not allowed by this server
/^Subject: ADV:/        REJECT Advertisements not accepted by this server 
/^Subject: =?Windows-1251?/     REJECT Russian encoding not allowed by this server
/^Subject: =\?KOI8-R\?/ REJECT Russian encoding not allowed by this server
/^Subject:.*=\?(big5|euc-kr|gb2312|ks_c_5601-1987)\?/   REJECT Language not accepted by this server as it is probably spam
/[^[:print:]]{8}/       REJECT Sorry, ascii characters only permitted by this server
/^From:.*\@.*\.cn/      REJECT Sorry, Chinese mail not allowed here
/^From:.*\@.*\.kr/      REJECT Sorry, Korean mail not allowed here
/^From:.*\@.*\.tr/      REJECT Sorry, Turkish mail not allowed here
/^From:.*\@.*\.ru/      REJECT Sorry, Russian mail not allowed here
/^From:.*\@.*\.ro/      REJECT Sorry, Romanian mail not allowed here