spam avoidance (was Re: cpu speed problem)
tonynelson at georgeanelson.com
Tue Jul 31 16:15:11 UTC 2007
At 7:12 AM +0100 7/31/07, Andy Green wrote:
>Somebody in the thread at some point said:
>> I think reject_unknown_client refers to rDNS for the connect IP, not the
>> hello hostname, which would be reject_unknown_hostname. My milter
>> disallows relaying from any connect IP that seems "dynamic", such as having
>> no rDNS at all.
>You're quite right. Now there aren't too many direct spams I quite like
>looking at the headers of the successful ones anyway, I'll do a host on
>the HELO fqdn by hand for a while and see if it would be worth the risk
>of unwanted rejects by adding reject_unknown_hostname.
>>> # reject bad syntax hostname
>>> # non FQDN gets the boot
>> I have my milter set up to reject any form of numeric hello, even the
>> RFC-compliant [xx.xx.xx.xx], and then to reject if the hello has DNS "A"
>> record. I don't check for "MX", since AIUI anything with an "MX" record
>> should have an "A" record, and "MX" records are for receiving email, not
>> sending it.
>Do you mean "reject if the hello *doesn't* have a DNA A record"?
>Thanks for the precision on the host and HELO reject_unknown_*
TonyN.:' <mailto:tonynelson at georgeanelson.com>
More information about the users