On Feb 3, 2007, at 3:17 PM, DR. Lee - NS1 wrote:
How about the message in the header saying "may be forged", is it safe
to filter it out?
Nope, for the same reasons as below.
Also I found in the subject line, it often contains the leading prefix
like
AD:xxxx
SPAM: Best buy .....
Is this some clever server put it for us to make filter easier?
I think it's there to test deliverability.
But yes, with stuff like that... I'd say, filter away.
Aloha mai Nai`a! wrote:
BTW, that means, "Love from the Dolphin" in Hawaiian.
It's my Nick, and the way I habitually sign on on almost all messages.
Now, the bigger question: Are you sure this is a good idea?
The 'unknown' means that either:
1) the reverse DNS doesn't exist, as in this case:
$ host 125.180.77.87
Host 87.77.180.125.in-addr.arpa not found: 3(NXDOMAIN)
2) or, that the forward and reverse DNS don't agree.
If you block, or even filter, based on that, you're gonna see false
positives.
Granted, it's a pretty good indicator that someone's not paying
attention to their DNS config, but...
You're gonna see False Positives.
Be ready for it.
Aloha mai Nai`a!
--
"Please have your Internet License http://kapu.net/~mjwise/
and Usenet Registration handy..."
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail