Andrew,
Why would you counterweight their IP and not the REVDNS? It seems that
it is basically the same thing?
Goran Jovanovic
The LAN Shoppe
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:Declude.JunkMail-
> [EMAIL PROTECTED] On Behalf Of Colbeck, Andrew
> Sent: Thursday, September 08, 2005 11:52 AM
> To: Declude.JunkMail@declude.com
> Subject: RE: [Declude.JunkMail] How to credit a domain
>
> Goran, I have consistently found that providers that handle mail for
> other companies are reliable enough that I can merely counterweight
> their IP. I hardly ever trust their reverse DNS, and even less often
> the HELO.
>
> I have a last resort test where I have a mixed bag of counterweights.
>
> Andrew 8)
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of
> > Goran Jovanovic
> > Sent: Thursday, September 08, 2005 8:33 AM
> > To: Declude.JunkMail@declude.com
> > Subject: [Declude.JunkMail] How to credit a domain
> >
> > Hi all,
> >
> > I get messages like this all the time and I am always in a
> > dilemma on what to do about them. This is a legit mail that
> > scored 10 (where I start tagging mail).
> >
> > --------------------------------------------------------------
> > ----------
> > -
> > Received: from mx.dstsystems.com [204.167.177.68] by
> > mail1.gonetworks.net with ESMTP (SMTPD32-8.13) id
> > AAD8195300F2; Wed, 07 Sep 2005 15:09:12 -0400
> >
> > X-RBL-Warning: HELOBOGUS: Domain mx.dstsystems.com has no MX
> > or A records [0301].
> >
> > X-Declude-Sender: [EMAIL PROTECTED] [204.167.177.68]
> >
> > X-Note: Reverse DNS: Sent from dstsys-cp.dstsystems.com
> > ([204.167.177.68]).
> >
> > X-Note: Tests Failed: CMDSPACE [8], HELOBOGUS [5],
> > NOLEGITCONTENT [0], SIZE-S [0]
> > --------------------------------------------------------------
> > ----------
> > -
> >
> > So this mail came from domain dstsystems.com on the IP
> > 204.167.177.68 but it is from domain ifdsgroup.com. Now my
> > preferred method of dealing with this type of problem is to
> > credit based on REVDNS. Again in this case there is a good
> > REVDNS but it is not from the same domain as the MAILFROM (if
> > it was then I would have no problem in crediting the REVDNS).
> >
> > So is there a way to figure out if dstsystems.com is a e-mail
> > hosting company and then I would not want to credit the
> > REVDNS as I do not know what other domains they host.
> >
> > If I cannot figure out the link then I would not credit
> > REVDNS and would move to step 2. Credit HELO. HELOs can be
> > spoofed but in this case the HELO is basically the same as the
REVDNS.
> >
> > Next step is crediting MAILFROM. This I can do with the
> > ifdsgroup.com and lower the score for e-mail from this
> > domain. Again it can be spoofed but ...
> >
> > I would prefer to credit REVDNS as that cannot be spoofed but
> > I am leery of crediting an "unknown" domain when it does not
> > relate to the MAILFROM address.
> >
> > Any thoughts on how (if possible) to connect the two domains?
> > Or do I simply drop down to option 3 and credit MAILFROM? I
> > suppose that I could try and figure out the admin responsible
> > for dstsystems.com and tell them to fix the HELOBOGUS error
> > in which case my problems would (mostly) go away.
> >
> > Any thoughts and comments are appreciated.
> >
> > Thanks
> >
> >
> > Goran Jovanovic
> > The LAN Shoppe
> > ---
> > This E-mail came from the Declude.JunkMail mailing list. To
> > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
> > type "unsubscribe Declude.JunkMail". The archives can be
> > found at http://www.mail-archive.com.
> >
> ---
> This E-mail came from the Declude.JunkMail mailing list. To
> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
> type "unsubscribe Declude.JunkMail". The archives can be found
> at http://www.mail-archive.com.
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
