My previous article outlined two solutions against the recent spam breakout: blacklisting your own domain and using SPF. This article will introduce a third one: an External Agent for ORF. If you are not interested in the mechanics of a simple External Agent, here is a direct link for the package download (then follow instructions of readme.txt). If you stay with me, I will show you how you can extend ORF by scripts.
The agent we need is not particularly algorithm-heavy, all we need is to compare the sender address to the recipient address. If they match, we have self-sending spam. If they don’t, it’s not self-sending spam.
ORF can pass the addresses as command-line parameters, wait for the script and assuming exit code 1 means a hit, blacklist the email on exit code 1.
So let’s see how our script looks like in VBScript:
We can invoke these scripts using “cscript” (part of WSH) as
When testing from command-line, “echo %ERRORLEVEL%” will tell the (last) exit code.
To turn this whole thing into an External Agent, we create a new agent definition. On the Run tab, point the Agent Executable field to C:\Windows\System32\cscript.exe (make sure the file is there) and in the Parameters box enter
On the exit codes tab, add a new action for exit code 1.
And that’s all, we have a working External Agent.