Matt, (pause while I put on my iron codpiece) this sounds like a good place for an IMail implementation to use SPF records as self-defense.
It sounds like what you're looking for is a two-fer that maps valid client space with valid domain names to detect spoofing, and HELOBOGUS will only do part of the job. Or am I just putting words in your mouth? Andrew 8) -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Monday, April 11, 2005 2:54 PM To: [email protected] Subject: [Declude.JunkMail] HELOBOGUS only fails with non-local senders I was scratching my head real hard on this one, but found the answer in the release notes and I think that given changes over time, our friends at Declude should consider revising how this limiting of the HELOBOGUS test works. I noted in the release notes for 1.57 [Beta, 30 Jul 2002] that the HELOBOGUS "will now only be tested on non-local senders." With the invention of WHITELIST AUTH, this is unnecessary for any server that is configured for this. Zombie spammers and viruses will often enough forge a local sender in the Mail From along with using bogus HELO names, but the HELOBOGUS test won't trigger in that event due to this old fix. I agree that at the time this was totally necessary just like disabling DUL tests for local senders was, and the only method that could be used was checking the Mail From, but for systems that can whitelist all local users, it would be beneficial to have the added value of these tests under these conditions by way of a switch in the config file. I would imagine that the switch would be in the form of something like "LOCALHELOBOGUS ON" and "LOCALDUL ON". I believe that the DUL part has been discussed before and possibly agreed to that it was a good idea for a future revision. I would hope that the same consideration could be given to the HELOBOGUS skipping of local senders. Thanks, Matt -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ ===================================================== --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
