Tony Finch <dot(_at_)dotat(_dot_)at> wrote:
http://www.livejournal.com/users/fanf/30030.html
An independent analysis (not necessarily any better)
]
] Total rejections: 123921
123,921 messages considered spam; I'll guesstimate 0.1% were ham
] Failed HELO checks: 101417
] Forward DNS correct: 2128
99,289 didn't match IP address of EHLO
(This is not what the data actually says, but it's "close".)
Thus we have 80.13% of a 99.9%-spam population failing forward-DNS.
] Total accepted: 31754
] ... about 15% of the messages we accept are spam...
(I'm not adjusting this number, rather using 15% as a coordinate.)
] Failed HELO checks: 13349
] Forward DNS correct: 3196
10,153 didn't match IP address of EHLO
Thus we have 39.17% of a 15%-spam population failing forward-DNS.
This is a very strong correlation. It suggests that early checking
of forward-DNS can be a powerful too; but of course it does not support
rejection based solely on failure of forward-DNS.
It would be interesting (though a bit exhausting) to find the
percentage of a <1%-spam population which fails forward-DNS...
http://www.livejournal.com/users/fanf/30241.html
(This concerns number of dots in EHLO strings. I have nothing to add
to Tony's analysis.)
--
John Leslie <john(_at_)jlc(_dot_)net>