spam avoidance (was Re: cpu speed problem)

Tony Nelson tonynelson at
Tue Jul 31 16:15:11 UTC 2007

At 7:12 AM +0100 7/31/07, Andy Green wrote:
>Somebody in the thread at some point said:
>> I think reject_unknown_client refers to rDNS for the connect IP, not the
>> hello hostname, which would be reject_unknown_hostname.  My milter
>> disallows relaying from any connect IP that seems "dynamic", such as having
>> no rDNS at all.
>You're quite right.  Now there aren't too many direct spams I quite like
>looking at the headers of the successful ones anyway, I'll do a host on
>the HELO fqdn by hand for a while and see if it would be worth the risk
>of unwanted rejects by adding reject_unknown_hostname.
>>>  # reject bad syntax hostname
>>> reject_invalid_hostname,
>>>  # non FQDN gets the boot
>>> reject_non_fqdn_hostname
>> I have my milter set up to reject any form of numeric hello, even the
>> RFC-compliant [xx.xx.xx.xx], and then to reject if the hello has DNS "A"
>> record.  I don't check for "MX", since AIUI anything with an "MX" record
>> should have an "A" record, and "MX" records are for receiving email, not
>> sending it.
>Do you mean "reject if the hello *doesn't* have a DNA A record"?

Opps, yes.

>Thanks for the precision on the host and HELO reject_unknown_*

TonyN.:'                       <mailto:tonynelson at>
      '                              <>

More information about the users mailing list