Thomas Bolioli wrote:
Yeah, this is the problem with the Botnet ruleset. I had to stop using
it. It assumes that one IP, one domain with regards to mail. If your
mail server handles multiple domains, whichever domain the rDNS points
to will be fine. Any others will fire off.
That's not even close to true (the assumptions nor the results).
If rDNS and DNS are properly set up for the machine, then it wont matter
what virtual domains are hosted on the system. As long as the rDNS
leads back to a valid DNS record, which leads back to the same IP, it
wont matter if that rDNS machines that mail domain, a different mail
domain, or no mail domain at all.
The only case in which Botnet cares about mail domains (virtual or
otherwise) is when trying to make an automatic exception. And even
then, the result you describe isn't what happens. There is no case in
which valid DNS and rDNS has been set up that multiple domains or
virtual mail domains is a problem for Botnet.
If you think there is a case where Botnet breaks down for
multiple/virtual mail domains, where DNS and rDNS are properly set up,
put your money where your mouth is and give a real world example. Give
the IP address(es), and the mail domains that go with them that you
think will have a problem.
If you want to stop the
bot net mails heading into your inbox, make sure your RBL lookups are
working. Those are much better than the botnet plugin.
Except of course that there aren't any public/free RBLs that are
comprehensive enough to make your statement have even a small amount of
value. Which is part of the reason Botnet was created.