On 27 Aug 2009 at 9:07, James Brown wrote: > I think the problem is that it says it originates from > example.com: > > Received: from forgedsnd.example.com ([127.0.0.2]) by > forgedrcv.example.com with fakesvc;
This test is suspect. Few filters judge solely on the previous Received header because there are so many bad MTAs out there which use internal names. As for their assertion that the header has a blacklisted address, that's questionable as 127.0.0.2 is a valid loop-back address but which is also used for testing DNSBL. Besides, it's not always useful to test previous received headers because of false positives against some blacklists, and it should never be done against non- routable addresses like this. DNSstuff should know better. Of course, like some of the anti-virus testers, it would be possible to devise rules which caught this sample, but that wouldn't make it any better at catching real-world spam. paul ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
