On 3/9/2005 1:38 PM, Eric A. Hall wrote: > I think the four affected rules are RCVD_HELO_IP_MISMATCH, > RCVD_NUMERIC_HELO, RCVD_ILLEGAL_IP, RCVD_BY_IP
Extending the problem report--it seems that these rules don't fire in some instances. I haven't really checked this out yet, but addresses with a leading octet of 111, 123, and some others at or below ~130 seem to get skipped entirely (so does 99 and a few other two-digit numbers). Further, in keeping with the notion that all-numeric is illegal, high-numbered decimals (eg, 789) don't trip the RCVD_NUMERIC_HELO rule either. Let me know what you the plan is on this as I can add these kinds of tests to my private set, but would rather not if they'll be in the core set. -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/