On Fri, 02 Jan 2004 20:35:21 -0500 "Keith C. Ivey" <[EMAIL PROTECTED]> wrote:
> Scott Harris <[EMAIL PROTECTED]> wrote: > > > Would a useful check be to reject anything where the relay domain is not > > part of the sender domain? > > Or would this be to restrictive? > > > > My first thoughs are of those with virtual domains hosted. But you should > > be able to give the relay multiple names to allow things to pass. Or so I > > would think? > > Definitely too restrictive, though it might work for big ISPs > like AOL. An IP address can only have one reverse DNS, so > servers that handle multiple domains won't match the way you > want them to. Actually, an IP address may have multiple PTR (rDNS) records but most software is coded to only look for the first record returned. Filtering on the relaying host's rDNS not matching the sender's domain is bound to give you excessive numbers of FPs, at least for the forseeable future. -- Bob ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
