This is parts of a header I received and I just want to check a few things
So the spammer thought that he would use my IP address in the HELO line 205.150.108.8 to identify his domain, even though his real IP address is 220.185.227.109?
Obviously an IP address is not a valid domain so it fails the HELOBOGUS test?
It failed the HELOISIP test because the domain was an IP address?
Yes. It would be more correct to say that HELOISIP failed because the domain _contained_ an IP address. 205.150.108.8.this.is.a.host.name would also have failed HELOISIP
It failed the HELOISIPX test ... not sure why since there is no reverse
DNS to parse?
It failed HELOISIPX because the host name is a "pure" IP address. "205.150.108.8.this.is.a.host.name" will *not* fail HELOISIPX.
In the next release, both tests will not fail host names bracketed IP format "[205.150.108.8]"
-- ------------------------------------------------------------------- illigitimi non carborundum ------------------------------------------------------------------- Bud Durland, CNE Mold-Rite Plastics Network Administrator http://www.mrpcap.com -------------------------------------------------------------------
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.