On 01/07/2015 17:50, Aaron C. de Bruyn wrote:
> I have been using policyd-weight in my spam filtering chain for a long time.
>
> I have a client that received hundreds of messages per day from a 3rd
> party that uses outlook.com.
>
> In the last few days, this 3rd party has been getting 2-3 messages
> bounced per day and they are complaining that my spam filtering is
> wrong.
>
> It appears that outlook.com uses a random pool of outbound servers to
> deliver mail, and most of them have valid forward/reverse DNS and a
> matching HELO. A few of them don't:
>
> Jun 30 09:25:16 mx1 postfix/policyd-weight[27488]: decided action=550
> Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to
> correct HELO and DNS MX settings or to get removed from DNSBLs; MTA
> helo: apac01-hk1-obe.outbound.protection.outlook.com, MTA hostname:
> mail-hk1on0081.outbound.protection.outlook.com[134.170.140.81]
> (helo/hostname mismatch); <client=134.170.140.81>
> <helo=apac01-hk1-obe.outbound.protection.outlook.com>
> <from=-redacted-> <to=-redacted->; delay: 3s
>
> I don't recall whether the RFCs say I can/can't/should/shouldn't be
> blocking based on HELO.
>
> Thanks for any advice,

Hi,

According to https://tools.ietf.org/html/rfc5321#section-2.3.5, the EHLO must be resolvable and resolve to the A or the AAAA of the MX, but it does not have to be the PTR of the MX. (That's what I understand; I could be wrong.)

-- 
Alarig

_______________________________________________
mailop mailing list
mailop@mailop.org
http://chilli.nosignal.org/mailman/listinfo/mailop
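
For triaging rejections like the one quoted in this thread, the following added example (not part of the original messages and not policyd-weight's own code) parses policyd-weight "helo/hostname mismatch" log lines and reports how many trailing DNS labels the HELO name and the reverse-DNS hostname share. The function names, the label-count heuristic and the second sample line are assumptions made for illustration; a public suffix list would give a more exact comparison.

```python
import re

# Field layout taken from the policyd-weight rejection quoted in the thread.
LINE_RE = re.compile(
    r"policyd-weight\[\d+\]: decided action=(?P<action>\d{3}) .*?"
    r"MTA helo: (?P<helo>[^,\s]+), MTA hostname: "
    r"(?P<ptr>[^\[\s]+)\[(?P<ip>[^\]]+)\]\s*\((?P<reason>[^)]*)\)"
)

def shared_suffix_labels(a, b):
    """Count the DNS labels two names have in common, from the right."""
    la = a.lower().rstrip(".").split(".")[::-1]
    lb = b.lower().rstrip(".").split(".")[::-1]
    n = 0
    for x, y in zip(la, lb):
        if x != y:
            break
        n += 1
    return n

def triage(lines, min_shared=3):
    """One record per helo/hostname-mismatch rejection found in lines."""
    # Heuristic (assumption): names sharing >= min_shared trailing labels are
    # treated as one operator's; 3 keeps suffixes like co.uk from matching.
    out = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m or "helo/hostname mismatch" not in m["reason"]:
            continue
        n = shared_suffix_labels(m["helo"], m["ptr"])
        out.append({"ip": m["ip"], "helo": m["helo"], "ptr": m["ptr"],
                    "shared_labels": n, "same_parent": n >= min_shared})
    return out

SAMPLE = [
    # From the thread, joined back onto one line.
    "Jun 30 09:25:16 mx1 postfix/policyd-weight[27488]: decided action=550 "
    "Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to "
    "correct HELO and DNS MX settings or to get removed from DNSBLs; MTA "
    "helo: apac01-hk1-obe.outbound.protection.outlook.com, MTA hostname: "
    "mail-hk1on0081.outbound.protection.outlook.com[134.170.140.81] "
    "(helo/hostname mismatch); <client=134.170.140.81>",
    # Constructed for contrast (documentation names and address).
    "Jun 30 09:31:02 mx1 postfix/policyd-weight[27488]: decided action=550 "
    "Mail appeared to be SPAM or forged; MTA helo: mail.example.net, MTA "
    "hostname: host7.example.org[203.0.113.7] (helo/hostname mismatch)",
]

if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```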