[Mailman-Users] Filtering Chinese spam.
Mark Sapiro
mark at msapiro.net
Sun Apr 22 21:49:06 EDT 2018
On 04/22/2018 05:50 PM, Kenneth G. Gordon wrote:
> On 22 Apr 2018 at 7:55, Mark Sapiro wrote:
>
>> Also, if those from: lines are in bounce_matching_headers, it only
>> results in those messages being held and presumably the same end result
>> is obtained with Privacy options... -> Sender filters ->
>> generic_nonmember_action = Hold
>
> Thanks again, I want ALL traffic from (for instance) qq.com to go into a big black hole.
So you have two choices. If you want all posts from non-list members to
just disappear, set Privacy options... -> Sender filters ->
generic_nonmember_action = Discard and you don't have to deal with any
'from' spam filters and all non-member posts will just disappear.
If, on the other hand, you want some non-member posts to be held (or
rejected or even accepted) while dealing with the Chinese spam
separately, set Privacy options... -> Sender filters ->
generic_nonmember_action = Hold or Reject or Accept as desired and
create one header_filter_rule with a Discard action and a list of
regexps like
^Subject: =\?utf-8\?B\?
^Subject:.*\?{4,}
^from: .*@qq\.com
^from: .*ebdoor\.com
^from: .*126\.com
^from: .*139\.com
^from: .*136\.com
^from: .*163\.com
^from: .*193\.com
although note Steve's caveats about the first two.
Note that you could handle all the 3-digit ones with a single
^From: .*@\d{3}\.com
regexp which will match a From: header with anything followed by @ and 3
digits and .com.
Also note, these tests are case insensitive so From vs. from is
irrelevant and note the \ escape of the . so it matches a literal . and
not any character
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list