On 7/13/2011 3:08 PM, mouss wrote:
> Le 13/07/2011 19:04, motty.cruz a écrit :
>> Received: from ucmx01.uzuncase.com (66-193-162-90.static.twtelecom.net
>> [66.193.162.90])
> you might start with
> /^(\d+\W){4}.*\.twtelecom\.net$/
> REJECT generic hostname. please use your ISP or fix your DNS.
This wouldn't be wise mouss. It would reject all mail from a legit
site. This is a SOHO IP range in Georgia, USA, occupied by an
engineering firm, Uzune & Case. The bounce originated from a mail host
well behind their MX. Uzune & Case obviously need better anti spam
measures themselves, but that's a another issue.
Rejecting all of their mail simply based on the generic rDNS of their
outbound MTA is a wrong move, especially since the string clearly
identifies a static range. fqrdns.pcre would have returned a PREPEND on
this rDNS, not a REJECT, and for good reason.
Simply eliminating backscatter altogether as Noel mentioned is a better
course of action.
--
Stan
