I use Qmail, so i tried using @aol.com in my badmailfrom, but badmail doesnt
seem to look deep enough into the headers.
These virus that are sent to me and many others on my server are spoofing
other peoples address books, so the from: is not aol.
Maybe theres another plugin out there for qmail that will check deeply into
the headers. This is my next option.
Rick Darsey writes:
> Do the email servers all have aol.com in them. If so, and if your firewall
> can resolve DNS, you should be able to block them aol.com domain. Of course,
> this will block all traffic, but that seems to be what you are after.
>
> Rick
>
> -----Original Message-----
> From: Chris [mailto:chris_at_jynx.net]
> Sent: Saturday, November 30, 2002 3:21 AM
> To: security-basics_at_securityfocus.com
> Subject: Question on Blocking an ISP.
>
>
> As of the last couple weeks, from 1 aol users i have gotten over 1000+ virus
> emails.
> These emails are your tipical freescreensaver virus that has been going
> around for years now. It seems this person has an affected system. This is
> not really my question or concern.
>
> I have been scanning though all the headers getting the proxy email servers
> aol uses, but it seems like a endless list. LOL.
>
> I'm blocking these ips though IPchains, but i really would like to know how
> to get every class owned by aol so i can block them all.
>
> Receiving mail from aol is no big thing to me, considering 99.9% of the time
> is junk or spam.
>
> Is there some way to whois arin on a nic handle to get all the classes?
>
> Thank you.
> -chris
>
>
Chris S.
www.jynx.net
chris_at_jynx.net
Received on Dec 03 2002
Intro
