I have been using policyd-weight in my spam filtering chain for a long time.

I have a client that received hundreds of messages per day from a 3rd
party that uses outlook.com.

In the last few days, this 3rd party has been getting 2-3 messages
bounced per day and they are complaining that my spam filtering is
wrong.

It appears that outlook.com uses a random pool of outbound servers to
deliver mail, and most of them have valid forward/reverse DNS and a
matching HELO.  A few of them don't:

Jun 30 09:25:16 mx1 postfix/policyd-weight[27488]: decided action=550
Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
correct HELO and DNS MX settings or to get removed from DNSBLs; MTA
helo: apac01-hk1-obe.outbound.protection.outlook.com, MTA hostname:
mail-hk1on0081.outbound.protection.outlook.com[134.170.140.81]
(helo/hostname mismatch); <client=134.170.140.81>
<helo=apac01-hk1-obe.outbound.protection.outlook.com>
<from=-redacted-> <to=-redacted->; delay: 3s

I don't recall whether the RFCs say I can/can't/should/shouldn't be
blocking based on HELO.

Thanks for any advice,

-A

_______________________________________________
mailop mailing list
mailop@mailop.org
http://chilli.nosignal.org/mailman/listinfo/mailop
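
Added example, not part of the original post or of policyd-weight: a small triage script for the "helo/hostname mismatch" rejections shown above. It reports whether the HELO name and the reverse-DNS name at least share a parent domain. The second log line, the function names and the two-label threshold are assumptions made for illustration.

```python
import re

# Constructed sample: the rejection from the post, re-joined onto one line,
# plus a constructed line where the HELO and rDNS names are unrelated.
SAMPLE_LOG = [
    "Jun 30 09:25:16 mx1 postfix/policyd-weight[27488]: decided action=550 "
    "Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to "
    "correct HELO and DNS MX settings or to get removed from DNSBLs; MTA "
    "helo: apac01-hk1-obe.outbound.protection.outlook.com, MTA hostname: "
    "mail-hk1on0081.outbound.protection.outlook.com[134.170.140.81] "
    "(helo/hostname mismatch); <client=134.170.140.81> "
    "<helo=apac01-hk1-obe.outbound.protection.outlook.com> "
    "<from=-redacted-> <to=-redacted->; delay: 3s",
    "Jun 30 09:31:02 mx1 postfix/policyd-weight[27488]: decided action=550 "
    "Mail appeared to be SPAM or forged.; MTA helo: mail.example.com, "
    "MTA hostname: host-7.dsl.example.net[192.0.2.7] "
    "(helo/hostname mismatch); <client=192.0.2.7> <helo=mail.example.com> "
    "<from=-redacted-> <to=-redacted->; delay: 2s",
]

LINE_RE = re.compile(
    r"decided action=(?P<action>\d{3}).*?"
    r"MTA helo: (?P<helo>[^,\s]+), MTA hostname: "
    r"(?P<ptr>[^\[\s]+)\[(?P<ip>[0-9a-fA-F.:]+)\]"
)

def shared_suffix(a, b):
    """Return the longest common trailing run of DNS labels."""
    la, lb = a.lower().rstrip(".").split("."), b.lower().rstrip(".").split(".")
    common = []
    for x, y in zip(reversed(la), reversed(lb)):
        if x != y:
            break
        common.append(x)
    return ".".join(reversed(common))

def triage(lines, min_labels=2):
    """Classify each helo/hostname mismatch by how much of the name agrees."""
    out = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or "helo/hostname mismatch" not in line:
            continue
        suffix = shared_suffix(m["helo"], m["ptr"])
        labels = len(suffix.split(".")) if suffix else 0
        # Heuristic only: a label count is not a public-suffix lookup (co.uk etc.).
        kind = "same-domain" if labels >= min_labels else "unrelated"
        out.append((m["ip"], m["helo"], m["ptr"], suffix, kind))
    return out
```

For the rejection in the post, triage() reports the shared suffix outbound.protection.outlook.com, so the mismatch is confined to the leftmost host label.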
