Right, but I'm talking about suspicious, not invalid. Just like there's suspicious helo (where IP in helo doesn't match the sender IP, I'd like to see suspicious helo line customizations to SCORE questionable helos just like the current implementation does, just allowing us to customize it (like giving anything with "dynamic" in it a penalty score.
Along the same lines of invalidPTRRe, it'd like suspiciousPRTRe, where anything with dynamic, dyn-, host- or whatever in it could be marked as suspicious, not invalid. Does this make sense? On Wed, Sep 23, 2009 at 4:00 PM, Thomas Eckardt/eck <thomas.ecka...@thockar.com> wrote: >>Come to think of it, might it be good to have a suspicious HOSTNAME >>regex/file so that reverse lookups of the IP could trigger scoring? > > > invalidPTRRe > > Thomas > > > > > K Post <nntp.p...@gmail.com> > 23.09.2009 20:34 > Bitte antworten an > ASSP development mailing list <assp-test@lists.sourceforge.net> > > > An > ASSP development mailing list <assp-test@lists.sourceforge.net> > Kopie > > Thema > [Assp-test] Suspicious Helos > > > > > > > Is there any way to expand on what we categorize as a supicious helo? > > For example, an aweful lot of spammers seem to come from hosts that > have the word "dynamic" in the helo. Some legitmate senders have this > too, so I wouldn't want to set this as an invalid helo, but > suspicious, yes. > > Come to think of it, might it be good to have a suspicious HOSTNAME > regex/file so that reverse lookups of the IP could trigger scoring? > > ------------------------------------------------------------------------------ > Come build with us! The BlackBerry® Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9-12, 2009. Register > now! > http://p.sf.net/sfu/devconf > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > ------------------------------------------------------------------------------ > Come build with us! The BlackBerry® Developer Conference in SF, CA > is the only developer event you need to attend this year. Jumpstart your > developing skills, take BlackBerry mobile applications to market and stay > ahead of the curve. Join us from November 9-12, 2009. Register now! > http://p.sf.net/sfu/devconf > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test > ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
