Spam Filter picking up nobody messages.

picoleto

Member
Aug 8, 2006
21
0
151
I recently just changed my /etc/antivirus.exim file to filter out spam messages. I've been having some recent troubles with high loads / spamd. From searching the forums here i found several suggestions using this url and information should help with my problem:

HTML:
http://www.webhostgear.com/338.html


I noticed in my filter log that it's picking up nobody messages:

Code:
2007-02-27 21:56:15 1HMHnT-0005XR-Nw from [email protected] is forged fake
I took a look at my exim_mainlog and found this:

Code:
2007-02-27 21:56:15 1HMHnT-0005XR-Nw <= [email protected] U=nobody P=local S=3293 T="Testimonial added at " from <[email protected]> for [email protected]
2007-02-27 21:56:15 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1HMHnT-0005XR-Nw
2007-02-27 21:56:15 1HMHnT-0005XR-Nw => discarded (system filter)
2007-02-27 21:56:15 1HMHnT-0005XR-Nw Completed QT=0s
Is there any way that I can whitelist the nobody user in this script or should if i comment out the following line

$received_protocol is "local" or
 

picoleto

Member
Aug 8, 2006
21
0
151
I think i may have figured it out, since the comments in my filter log are "forged fake", i am just going to comment out this section.

Code:
#logfile /var/log/filter.log 0644
#if (
#$received_protocol is "local" or
#$received_protocol is "esmtpa"
#) and (
#$header_from contains "@hotmail.com" or
#$header_from contains "@yahoo.com" or
#$header_from contains "@aol.com"
#)
#then
#logwrite "$tod_log $message_id from $sender_address is forged fake"
#seen finish
#endif
If anyone knows that this is the correct workaround for this please let me know.