Hi, On Mon, Oct 30, 2006 at 03:23:21PM -0800, John Rudd wrote: > I've written a plugin for Spam Assassin that does the relay checks I
...and here was me just working out how to get exim to check this, and have SpamAssassin add a score, and your mail arrived :-) > 1) no RDNS for the machines that aren't intended to talk to the outside > world > > 2) RDNS that doesn't lead back to a valid A record > > 3) RDNS that is forged (leads to an A record which doesn't resolve back > to the IP you started with) > > 4) Contains the hosts IP address within the hostname > > 5) Contains standard key words within the hostname (but not in the TLD > nor registered domain name), such as "dhcp", "dialup", "dial-up", "dsl", > etc. I'm also thinking about connections that use one of these "I'm on an ADSL line"-type names for the HELO string. Not directly rejecting, again, just adding a score on. If this really was just home connections, then I'd block directly. As there are some legitimate businesses (with braindead ISPs) as already pointed out, adding an extra score shouldn't matter for them (unless they actually are sending spam, which is a different matter altogether). > The two files you need (put them in /etc/mail/spamassassin ... or > wherever you want to put your plugins) are: I'll drop it on our mailers (probably with a smaller score than the default) and let you know how many times the phone rings before I have to tweak it or remove it ;-). Matthew -- Matthew Newton <[EMAIL PROTECTED]> UNIX and e-mail Systems Administrator, Network Support Section, Computer Centre, University of Leicester, Leicester LE1 7RH, United Kingdom
