On 26 Dec, Dave Barnett <as10@xxxxxxxxxxxxxxxxx> wrote: > In a recent message Steven Pampling > <steve.pampling@xxxxxxxxxxxxx> wrote: > > On 23 Dec, Dave Barnett <as10@xxxxxxxxxxxxxxxxx> wrote: > >> TFM assures me that the broken pipe at the end of an list entry > >> will=20 ensure that it is followed by a non alphanumeric. I have > >> just found=20 that '.' is considered to be an alphanumeric. > > > >> I had ".mx=A6" to trap Mexico as a list entry and found that AOL have > >> a=20 Received: line ...mx.aol.com. Hasty apologies to my friend. > > > >> Are there any other sneaky country TLDs? > > > > When trapping things like .mx it is best to work on the basis of the > > TLD reference being ".mx>" i.e. *always* include the > > > > Fine if you are testing From: I was testing Received: , this is much > less susceptible to spoofing as it is under the control of the isp's > servers. Same principle, different character --> use ".mx (" Although when you are testing the received: the best ones to test for are the IP addresses and a list of the top offenders can be derived from www.spamhaus.org and the latest 25 entries are at: http://www.spamhaus.org/sbl/latest.lasso -- Steve Pampling