The only downside would be inadvertently blocking legitimate hosts. For example, if you only searched for the keyword "cable", you'd block "customermail.cable.example.com", which might be an ISP's mail server. By the same token, only searching for the IP address would block hosts like "11-22-33-44.businessdsl.example.com", which might be a real company's mail server.
Finding both the keyword and the IP address seemed to be a reasonable compromise to me. I could certainly add the ability to block only based on keywords but I fear it would be more often misconfigured (and thus cause more problems) than not. -- Sam Clippinger [EMAIL PROTECTED] wrote: > At 11:00 AM 8/9/2007, [EMAIL PROTECTED] wrote: > >> You're hitting two different problems. First, remove the trailing dot >>from the keyword in the file. spamdyke already ensures any keywords it >> finds are surrounded by non-alphanumeric characters. This is so a >> keyword like "dialup" is not found in "11223344.notdialup.example.com". >> >> Second, the keyword AND the IP address of the incoming connection must >> be found in the reverse DNS name to trigger the filter. spamdyke >> searches the rDNS name for many different possible formats of the IP >> address. In the example below, the IP address is not part of the name, >> so the filter wasn't triggered. > > Thanks. I needed the two weeks you were gone to figure out that it > requires *both* to trigger the filter. > > Is there a downside to having the filter triggered by either (OR) > rather than both (AND)? > > Bucky > > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users