On Wed, Oct 22, 2008 at 03:47:53PM +0200, Matthias Haegele wrote: > > I think this is rather a bad idea. I would prefer to treat them on their > behaviour > (use helo checks, check for reverse dns ..., you should find several > examples in this thread, from mouss ...) . > What would prevent a spammer to name his box "smtp" e.g.?
Please think more. Preventing GREYLISTING with such whitelist is fine. Such servers retry. It also benefits to check it before FP-prone regexps like what was posted before. You can use dnswl for same purpose. Spammers can't fake reverse DNS. If they have a "legimate" server of their own, it will be blacklisted soon enough anyway. > You could use the botnet plugin for Spamassassin if used at your site. Botnet is blah, it doesn't even check domain boundaries and as such might have FPs on multi-tld. Not to mention the other FPs it can have, especially with default configuration. It offers no benefits as you can (and should) block all such dynamic hosts directly in your MTA.
