To be completely correct, it should actually read:
%.yahoo.com
or otherwise, it'd let in things like fakeyahoo.com, ispam4yahoo.com,
etc. The trailing "%" is a bad idea for
any real domains, in any case, and the domain should be delimited in
front, as well.
One thing you should know : policyd do lookup based on *Reverse DNS*
and not domain name.
This is one of the thing that I really love about policyd !! ( hats off
to Cami to come up with this brilliant idea )
For my brief analysis, spammer :
* Have no control over Reverse DNS.
* Does not want to have control over Reverse DNS.
* Does not send spam from their own IP address
I dont think spammer is stupid enough to get hold of an IP address
range, set up their reverse DNS
and then discover that within few hours of spamming their IP ended up in
blacklist.
I subscribe to zen.spamhaus.org feed + bl.spamcop.net, and I use it to
reject email before it reach policyd.
Maybe these blacklist did a good job at that time and I didn't see any
spammer faking reverse DNS.
I suspect that the trailing % was to catch domains like yahoo.co.uk, yahoo.in,
etc. Given the other problems noted though I think it best to explictly list
the known domains rather than add the trailing %.
Thats the idea. I've seen a lot of yahoo.com.au, yahoo.co.uk, yahoo.fr
about 8 to 9 months ago.
It seems yahoo consolidating their server and only sending email from
%yahoo.com now.
I only discover following yahoo's domain but they dont send much email :
* %yahoo.co.jp
* yahoo.no
* yahoo.com.cn
* yahoo.fr
So I guess you should remove trailing % from %yahoo.com% .
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
policyd-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/policyd-users
