Henrik K wrote:
On Wed, Mar 19, 2008 at 05:35:32PM +0100, mouss wrote:
Henrik K wrote:
On Wed, Mar 19, 2008 at 02:48:34PM +0100, mouss wrote:
Luis Hernán Otegui wrote:
[snip]
how about something like
header NONFQHELO_DYN1 X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns=\S*[^a-z]{9}\S+ helo=[^\.\s]+ /i
score NONFQHELO_DYN1 3.0
describe NONFQHELO_DYN1 non fqdn helo from dynamic client
?
I'll go with this, and tomorrow we'll see. Thanks a LOT to everybody
for their suggestions. They've gone right into my documentation folder
;-)
beware. that was a question, not a suggestion! I only ran it on very
few messages, so it's completely untested.
It should use X-Spam-Relays-External. Still a common misconception that
untrusted == external.
can you explain why it should use *-external instead of *-untrusted?
Inspired by this thread I submitted this, which should explain it:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=5856
it's because you are trusting the ISP MSA. I am not. I only trust my ISP
and my registrar MX. no MUA should talk to them.
*-external wouldn't bring me anything, because I am already doing checks
at the MTA level, so the zombie won't get to SA if it matches such
rules. In particular, I reject non fqdn helo on the MX unconditionally
(I know this may catch misconfigured sites, but I currently don't care).
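
An added example, not part of the original thread: the posted pattern run against constructed relay pseudo-header values, to show why the choice between X-Spam-Relays-Untrusted and X-Spam-Relays-External matters. It assumes a setup where the ISP MSA is listed in trusted_networks but not in internal_networks; all hostnames, IPs and field values are made up, and Python's `re` stands in for Perl, which treats this pattern the same way.

```python
import re

# Pattern from the NONFQHELO_DYN1 rule above (Perl /i -> re.IGNORECASE).
NONFQHELO_DYN1 = re.compile(
    r"^[^\]]+ rdns=\S*[^a-z]{9}\S+ helo=[^\.\s]+ ", re.IGNORECASE)

def relay(ip, rdns, helo, by):
    """Build one relay entry in SpamAssassin's pseudo-header layout (constructed)."""
    return (f"[ ip={ip} rdns={rdns} helo={helo} by={by} "
            "ident= envfrom= intl=0 id=CONSTRUCTED auth= msa=0 ]")

def rule_hits(relays):
    """True if the rule's pattern matches the given pseudo-header value."""
    return NONFQHELO_DYN1.search(relays) is not None

DYN_RDNS = "203-0-113-45.dyn.example.net"   # constructed dynamic-looking rDNS

# Case A: a legitimate user's MUA submits through the ISP MSA, which relays to our MX.
client_to_msa = relay("203.0.113.45", DYN_RDNS, "desktop", "msa.isp.example")
msa_to_mx = relay("192.0.2.25", "msa.isp.example", "msa.isp.example", "mx.example.org")

# With the MSA trusted, the first *untrusted* relay is the user's own machine...
legit_untrusted = client_to_msa
# ...while the first *external* relay is the MSA that actually connected to our MX.
legit_external = msa_to_mx + " " + client_to_msa

# Case B: a host with dynamic rDNS connects straight to our MX with a bare HELO.
# Both pseudo-headers then start with the same relay.
direct_to_mx = relay("203.0.113.45", DYN_RDNS, "desktop", "mx.example.org")

# Case C: same client, but with a fully qualified HELO name.
fqdn_helo = relay("203.0.113.45", DYN_RDNS, "mail.example.net", "mx.example.org")

if __name__ == "__main__":
    for name, value in [("A untrusted", legit_untrusted),
                        ("A external", legit_external),
                        ("B direct", direct_to_mx),
                        ("C fqdn helo", fqdn_helo)]:
        print(f"{name:12} hit={rule_hits(value)}")
```

Because `^[^\]]+` cannot cross a `]`, the pattern only ever inspects the first relay in the header, so which header is chosen decides which hop gets tested.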