On Thu, 2009-09-03 at 01:36 -0400, Sahil Tandon wrote: > On Thu, 03 Sep 2009, Clunk Werclick wrote: > > > I'm starting to see plenty of these and they are new to us: > > > > zgrep "address not listed" /var/log/mail.info > > Sep 3 05:26:59 ....: warning: 222.252.239.56: address not listed for > > hostname localhost > > dig -x 222.252.239.56 > > > > ... > > ;; QUESTION SECTION: > > ;56.239.252.222.in-addr.arpa. IN PTR > > > > ;; ANSWER SECTION: > > 56.239.252.222.in-addr.arpa. 83651 IN PTR localhost. > > ... > > > > Taking to one side the various RBL's which are catching these, and not > > going the whole 'PTR must match' route - would it be practical to craft > > a 10 point rule based on PTR = localhost? Is it even possible to build a > > rule based upon DNS returns? > > > > Forgive the stupidity of the question, but I'm not sure how to, or even > > if it can be implemented? > > If you reject mail that scores >= 10, then you could accomplish this before > mail even gets to SA. Since you appear to be using Postfix, you could > experiment with check_reverse_client_hostname_access, which is available in > Postfix 2.6 and later. Thank you Sahil. It's a job for Postfix (when I get around to 2.6) because...... > For a general primer on what you can (and cannot) do > with respect to SA rules, the following page might be useful: > > http://wiki.apache.org/spamassassin/WritingRules .... this gives no hint to crafting rules on DNS status - which is as I thought, hence the question in the first instance. > > -- > Sahil Tandon <sa...@tandon.net> -- ----------------------------------------------------------- C Werclick .Lot Technical incompetent Loyal Order Of The Teapot.
This e-mail and its attachments is intended only to be used as an e-mail and an attachment. Any use of it for other purposes other than as an e-mail and an attachment will not be covered by any warranty that may or may not form part of this e-mail and attachment.
