When sendmail screens headers, it first calls each rule set specified for a
specific named header (as with Subject: in the previous section). If no rule set exists
for a particular header name, sendmail next looks for the special definition H* and, if
found, passes the header to that rule set. You can think of H* as specifying a default
rule set.
The rule set named ScreenForDots has only a single rule. That rule matches any value
part of any header that does not have its own rule set. The LHS checks for a value
that begins with 10 dots followed by zero or more arbitrary tokens.
Any header that has such a bad value will be rejected and the message bounced. The
bounce will have the following text as its error, where the offending header was the
Received: header shown earlier:
553 5.3.5 Ten or more dots begin Received header
Remember that the techniques used by spam email senders change over time??”the
bad guys learn and adapt too. We solved the dots in the Received: header with a general
rule set because it was transient (a spam technique used for a brief period and
then abandoned). The problem will doubtless appear again, perhaps in a different
header, or when some poor sap downloads an old version of spamming software. But
by defining witha general-purpose rule set (the H* one), we anticipate the return of a
technique in the future, possibly with a differently named header.
Pages:
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497