On Thu, Jul 20, 2006 at 04:29:01PM -0400, Scott Kitterman wrote:
If mean that he tests an inbound message for three things:
1. Does the client IP have a reverse DNS PTR record?
2. Does it use a legit (FQDN) HELO name?
3. Does the mail from of the message Pass SPF?
Any one of those is enough to save the message from outright rejection.
After having some trouble with my current ruleset (solely based on best-guess
+ RHSBL) and false positives, I decided to switch to this "three strike" rule,
with the following extension:
- If one of them passes, then it'll have to pass RHSBL with the resulting
FQDN as well.
- If none of them passes, then it'll face DNSBL with the IP (including
blacklists of dynamic IP blocks). I think at this point it'd fair to use
such measure.
Does anyone have some advice/conffile to setup this on Exim?
--
Robert Millan
My spam trap is honeypot(_at_)aybabtu(_dot_)com(_dot_) Note: this address is
only intended for
spam harvesters. Writing to it will get you added to my black list.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com