ROGERS Richard wrote: > Interesting observation. Unfortunately I don't keep historical data for > individual rejection reasons (possibly I should), but my feeling (and > it's only that) is that there has been an increase in the use of domain > literals as HELO/EHLO strings. Although (AFAIK) these are perfectly > legal, we now reject mail where the HELO/EHLO string is a domain literal > of the sending IP address AND there is no rDNS for the sending IP > address. > > We also reject where the HELO/EHLO string is a single word (i.e. no "." > in it, so it can't be a FQDN or domain literal) AND there is no rDNS on > the sending IP. > > No complaints about either of these so far (they probably count for > upwards of 5% of all rejections, despite being fairly late in the > sequence of tests). > > I'd love to reject wherever there is no rDNS, but I think there would be > too many false positives involved. (I know that some here take the view > that this is not a false positive, but our users are likely to regard a > message that is not spam, and does not originate from a known source of > spam, as one that should be delivered). That's not to say it can't be > given a score in SpamAssassin though. >
Many ISPs put generic reverse DNS on their IP range. So I prefer to reject when the HELO is a single word whatever there is a RDNS or not.
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
