--- On Fri, 6/1/12, Philip Prindeville <philipp_s...@redfish-solutions.com> wrote: > I've noticed that the impersonations inevitably come from > DHCP address pools according to ZenBL.
Then your reason is not based on the HELO hostname they present but the fact that they are dynamic assignments. I suggest that your default for dynamic assignments should be to deny them. Leave the HELO name alone. I use a set of sendmail rules to check for dynamic assignment type hostnames -- but permit an access database check BEFORE the dynamic check so I may define exceptions. I check for certain strings in the dynamic name as well as an IPv4 address (forward or reversed; separated by dots or dashes). However, watch out for certain side-effects -- examples: "dsl" sometimes appears in non-dynamic hostnames like "dslextreme.com." "pool" is sometimes used in dynamic names, but more often refers to swimming-pool related domains and similar other uses. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang