[quote user="MartinB"]

Any way to block emails that are dated incorrectly ?? 

eg:

if date is earlier that 1st Jan 2008 the drop ??
I get lots of spam with dates going back years...
 [/quote]

Not at the SMTP level. You can use the Content Control and some rule like:

IF NOT HEADER "Date" MATCHES "* 2008 *" WEIGHT 100 TAG "Probably faked Date header"

but actually I wouldn't recommend it. It will probably also hit on mails without a date header, which is a RFC violation but unfortunately often the case with commercial newsletters and such. Besides, you have to remind the rule if all of a sudden at the beginning of 2009 all incoming mail is treated as spam.

Best regards,

Nico

I get lots of spam with foreign characters in the TO, FROM and/or Subject.

EG: Эффективные Интернет решения

Any way to block this at transaction level ??

Thanks

Campaign for IMAP Filtering !!

[quote user="MartinB"]

I get lots of spam with foreign characters in the TO, FROM and/or Subject.

EG: Эффективные Интернет решения

Any way to block this at transaction level ??

[/quote]

Not really, no. Content control has a "Garbage" test that will handle this type of thing, but there's no real equivalent at the transaction level. In truth, I'm not even sure how you could do it in any kind of reliable way, because the sample you could work on (a single header) is really too small to be meaningful.

You could probably build a set of transactional rules that looked for sequences of high-bit characters, but I think you'd find it would generate false positives too.

What about:

# Subject

S, "??koi8-r*", B, "554 Koi8-r charset not accepted"
S, "??windows-1251*", B, "554 Windows-1251 charset not accepted"
S, "??ISO-2022-JP*", B, "554 ISO-2022-JP charset not accepted"

# From

M, "??koi8-r*", B, "554 Koi8-r charset not accepted"
M, "??windows-1251*", B, "554 Windows-1251 charset not accepted"
M, "??ISO-2022-JP*", B, "554 ISO-2022-JP charset not accepted"

# To

R, "??koi8-r*", B, "554 Koi8-r charset not accepted"
R, "??windows-1251*", B, "554 Windows-1251 charset not accepted"
R, "??ISO-2022-JP*", B, "554 ISO-2022-JP charset not accepted"

Best regards,

Nico

[quote user="tBB"]

What about:

[quote user="David Harris"]

 That's the sort of thing I was thinking of - it will work to some extent, but there are so many character set renditions out there that it would be a lot of work to catch them all, and then you're also assuming the headers are legally-formatted...

[/quote]

Indeed, these rules would only work if at least one of the checked headers is legally formatted which is not always the case. Actually it is rather seldom the case with windows-1251 and iso-2022-jp formatted spam while almost all koi8-r charset spam seems to be correctly formatted. Big5, GB2312 or GB18030 encodings are apparently not used anymore nowadays (at least in spam) therefore I didn't mention them.

Thanks and best regards,

Nico

Edit: I've just checked the spam in these encodings which came in the past 30 days (~5500 mails) and found that about 60% of all spams in Windows-1251 (~250 mails) are correctly formatted and about 90% of all iso-2022-jp spams (~320 mails) are correctly formatted. The rest (~4900 mails) is koi8-r and as mentioned, in almost all cases correctly formatted so the filter might hit better than I thought :)

Thanks Nico I will try this..

Any way to block emails that are dated incorrectly ?? 

eg:

if date is earlier that 1st Jan 2008 the drop ??
I get lots of spam with dates going back years...