On Thu, 2006-11-09 at 23:06 -0500, Dirk the Daring wrote: > # Check #3 > # HELO should not contain "localhost"
How effective is this for you? Do you run into false positives? > # Check #4 > # If the HELO is an FQDN, the index and rindex of "." will not > be the same > # This catches the spammer using domain.tld (which will slip > # by Check #2) I check that the HELO must have a ".", but I haven't gone any further than that. Does this work well for you? Any false positives? Richard
signature.asc
Description: This is a digitally signed message part
_______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang