Some stats from the logs on one of my MX hosts:
Total rejections: 123921
Failed HELO checks: 101417
Forward DNS correct: 2128
Total accepted: 31754
Failed HELO checks: 13349
Forward DNS correct: 3196
"HELO checks" means that the reverse DNS and forward DNS and HELO domain
must match. This was checked at SMTP time by Exim. "Forward DNS correct"
means that an A lookup on the HELO domain yields the client's IP address.
This was checked just now by a simple program based on adns. (It's useful
to be able to sustain 10000 concurrent DNS queries when doing this kind of
job.)
So, today this machine has rejected 80% of incoming messages. According to
SpamAssassin about 15% of the messages we accept are spam so you might
want to adjust the numbers on that basis.
Of the rejected messages, 80% have a completely bad HELO domain, and 2%
have a HELO domain that's correct only in the forward direction.
Of the accepted messages, 32% have a completely bad HELO domain, and 10%
have a HELO domain that's correct only in the forward direction.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
MALIN HEBRIDES: NORTHEAST 4 OR 5 INCREASING 6. RAIN LATER. GOOD BECOMING
MODERATE.