ietf-asrg

[Asrg] Weird reverse DNS resolution might affect spam filters

2006-06-23 09:19:19
Just noticed something really strange show up in my milter logs:

2006-06-23 08:15:09.589901-07:00 [mx] connect(821,localhost,[222.252.168.54]) 1
2006-06-23 08:15:09.968668-07:00 [mx] helo(821,2g4i9a.oq4ihijo.comcast.net,invalid)
2006-06-23 08:15:10.453522-07:00 [mx] envfrom(821,argv[0]=<kayepenn9v(_at_)gardener(_dot_)com>)
2006-06-23 08:15:10.489847-07:00 [mx] envrcpt(821,argv[0]=<uucp(_at_)pixelprocessor(_dot_)us>)
2006-06-23 08:15:10.829801-07:00 [mx] header(821,Message-ID,<53327639439490(_dot_)8D11BD6FB3(_at_)OQTQ>)
2006-06-23 08:15:10.869782-07:00 [mx] header(821,From,"Wilda" <RuthieLevyex(_at_)cliffhanger(_dot_)com>)
2006-06-23 08:15:10.909778-07:00 [mx] header(821,To,<uucp(_at_)pixelprocessor(_dot_)us>)
2006-06-23 08:15:10.949778-07:00 [mx] header(821,Subject,Hottest new offer Diplomas Without Exams)
...

Notice the "connect" line -- it appears that reverse DNS is resolving the
offered IP address to "localhost".  samspade.org also reverse DNS's the IP
address to "localhost".  In fact, a sampling of the entire address block
containing the IP address (222.252.0.0/16) indicates that ALL the hosts in
the block are "localhost".  It might be a misconfiguration by Vietnam
Posts and Telecommunications Corp (the owner of the netblock), or a
deliberate configuration.

In any case, spam detectors that rely on "localhost" as the reverse lookup
for an IP address as a condition of passing the e-mail are at risk of
producing false negatives.



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
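
An added example, not part of the original post: a filter-side check that decides "local" from the connecting socket address and treats the PTR name only as a claim to be forward-confirmed. The function names are hypothetical, the log line is the post's connect event joined onto one line, and the DNS data is a constructed in-memory stand-in so the code runs offline.

```python
import ipaddress
import re

# Constructed sample: the connect event from the post, joined onto one line.
SAMPLE_LOG = ("2006-06-23 08:15:09.589901-07:00 [mx] "
              "connect(821,localhost,[222.252.168.54]) 1")

# Constructed stand-in for forward (A record) lookups; an assumption for the demo.
FAKE_A = {"localhost": ["127.0.0.1"], "mail.example.org": ["192.0.2.10"]}

CONNECT_RE = re.compile(r"connect\((\d+),([^,]*),\[([0-9a-fA-F.:]+)\]\)")

def parse_connect(line):
    """Return (session_id, ptr_name, ip) from a connect log line, or None."""
    m = CONNECT_RE.search(line)
    return (int(m.group(1)), m.group(2), m.group(3)) if m else None

def forward_confirmed(ip, ptr_name, lookup_a):
    """True only if the PTR name resolves forward to the connecting IP."""
    return ip in lookup_a(ptr_name)

def classify(ip, ptr_name, lookup_a=lambda name: FAKE_A.get(name, [])):
    """Classify a client by its socket address; the PTR name is never trusted alone."""
    if ipaddress.ip_address(ip).is_loopback:
        return "local"               # the address itself is loopback
    name = ptr_name.lower().rstrip(".")
    if name in ("localhost", "localhost.localdomain"):
        return "spoofed-localhost"   # remote address whose PTR claims to be local
    if not forward_confirmed(ip, name, lookup_a):
        return "unconfirmed-rdns"    # PTR does not map back to this address
    return "remote"

if __name__ == "__main__":
    session, ptr, ip = parse_connect(SAMPLE_LOG)
    print(session, ip, ptr, "->", classify(ip, ptr))
```
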