Depending on which bypass/exemption you're going to use, either
4servers\.com or the IP address are what you want to use.
The "bluehill.com" part is the smtp HELO argument, and botnet currently
ignores that.
Robert Fitzpatrick wrote:
I applied BOTNET rules yesterday and have some legitimate mail getting
blocked and looking for the best way to bypass. I added 'bluehill\.com'
to the list of botnet_pass_domains, is that correct or should I be
adding '4servers\.com' or both?
Received: from bluehill.com (67-30-129-1.4servers.com [67.30.129.1])
by esmtp.webtent.net (WebTent ESMTP Postfix Internet Mail Gateway) with
ESMTP i$
for <[EMAIL PROTECTED]>; Tue, 10 Apr 2007 08:20:27 -0400 (EDT)
