[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: spam avoidance (was Re: cpu speed problem)



Somebody in the thread at some point said:

> I think reject_unknown_client refers to rDNS for the connect IP, not the
> hello hostname, which would be reject_unknown_hostname.  My milter
> disallows relaying from any connect IP that seems "dynamic", such as having
> no rDNS at all.

You're quite right.  Now there aren't too many direct spams I quite like
looking at the headers of the successful ones anyway, I'll do a host on
the HELO fqdn by hand for a while and see if it would be worth the risk
of unwanted rejects by adding reject_unknown_hostname.

>>  # reject bad syntax hostname
>> reject_invalid_hostname,
>>  # non FQDN gets the boot
>> reject_non_fqdn_hostname
> 
> I have my milter set up to reject any form of numeric hello, even the
> RFC-compliant [xx.xx.xx.xx], and then to reject if the hello has DNS "A"
> record.  I don't check for "MX", since AIUI anything with an "MX" record
> should have an "A" record, and "MX" records are for receiving email, not
> sending it.

Do you mean "reject if the hello *doesn't* have a DNA A record"?

Thanks for the precision on the host and HELO reject_unknown_*

-Andy


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]