Henrik K wrote:
On Sun, Mar 30, 2008 at 07:23:17PM -0400, Matt Kettler wrote:
There is nothing wrong.
The overzealous RDNS_DYNAMIC rule hits the first one like it should.
Well, actually, it's matching the archlinux list server. It is not
matching the gmail user's home IP. This test matches only the first
untrusted host, i.e. the machine dropping mail off at your MX.
The archlinux.org list server appears to reverse DNS as
66-211-213-17.velocity.net, which is a sure-fire match for RDNS_DYNAMIC,
and is also the host that dropped mail off at your domain.
You might want to encourage the archlinux guys to get their hosting
provider to set up a non-generic reverse DNS for the server.
That said, RDNS_DYNAMIC was only 0.1 of the score of this message.
Then those RCVD_IN rules check all Received-headers, thus matching the IP that
sent to gmail.
True. RCVD_IN_NJABL_PROXY will match any header. The sender is emailing
from an IP that's had a verified open proxy running on it.
Also, the fact that 201.20.219.97 did not have a reverse lookup also
guarantees that RDNS_DYNAMIC could not possibly match it. There is no
RDNS in the headers, so there's nothing to match.
TVD_RCVD_IP will also match any header, but it would appear to be
matching the list server as well. 66-211-213-17.velocity.net should
match the rule.
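
The scoping difference discussed in this message, as an added example that is not part of the original post and is not SpamAssassin's code: a generic-rDNS test looks only at the first untrusted relay, while a blocklist test looks at every Received hop. The header lines are constructed (only the velocity.net hostname and 201.20.219.97 come from the thread), the `GENERIC` pattern is a simplified stand-in for the real rule, and the `listed_ips` set is a hypothetical substitute for a live DNSBL query.

```python
import re

# Constructed Received headers, newest first. The velocity.net hostname and
# 201.20.219.97 are from the thread; all other hosts and IPs are made up.
HEADERS = [
    "from 66-211-213-17.velocity.net (66-211-213-17.velocity.net [66.211.213.17]) by mx.example.org",
    "from mail-out.example.com (mail-out.example.com [192.0.2.25]) by lists.example.net",
    "from [201.20.219.97] (unknown [201.20.219.97]) by mail-out.example.com",
]
# Captures "(rdns [ip])" as written by the receiving MTA.
RELAY = re.compile(r"from\s+\S+\s+\((\S+)\s+\[([\d.]+)\]\)")
# Simplified stand-in for a "generic rDNS" pattern, NOT SpamAssassin's rule.
GENERIC = re.compile(r"\d{1,3}[-.]\d{1,3}[-.]\d{1,3}[-.]\d{1,3}\.[a-z]", re.I)

def parse_relays(headers):
    """Return one {'rdns', 'ip'} dict per hop; rdns is None when the MTA logged 'unknown'."""
    relays = []
    for h in headers:
        m = RELAY.search(h)
        if m:
            rdns = None if m.group(1) == "unknown" else m.group(1)
            relays.append({"rdns": rdns, "ip": m.group(2)})
    return relays

def untrusted(relays, trusted_ips):
    """Drop hops inside your own trusted network (hypothetical set of IPs)."""
    return [r for r in relays if r["ip"] not in trusted_ips]

def rdns_dynamic_hit(relays, trusted_ips=frozenset()):
    """Test only the first untrusted relay: the host that handed mail to your MX."""
    ext = untrusted(relays, trusted_ips)
    if not ext or ext[0]["rdns"] is None:
        return None  # no rDNS recorded means there is nothing to match
    return ext[0] if GENERIC.search(ext[0]["rdns"]) else None

def rcvd_in_hits(relays, listed_ips, trusted_ips=frozenset()):
    """Blocklist-style test: every untrusted hop is a candidate."""
    return [r["ip"] for r in untrusted(relays, trusted_ips) if r["ip"] in listed_ips]

if __name__ == "__main__":
    relays = parse_relays(HEADERS)
    print("generic rDNS hit:", rdns_dynamic_hit(relays))
    print("blocklist hits:", rcvd_in_hits(relays, {"201.20.219.97"}))
```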