Jason Pyeron wrote:
But the etiquette for SMTP is the HELO is done with a reverse friendly
name.
This 'assists' in detection of spoofed dns spamming.
It doesn't need to be the same though, only resolve to the same.
if lists.digium.com == 69.16.138.164 then it is correct, and that's all
the spoof checking you need.
Doing the reverse check for 164.138.16.69.in-addr.arpa is unnecessary,
and will break in a great many legitimate cases, since ISPs often don't
allow the reverse dns to be set independently (even for corporate networks).
The network scores for FORGED_RCVD_HELO, btw. are 0.05 (no bayes), and 0
(with bayes)
That means that if you have bayes enabled it's a no-op, and even with no
bayes you're only going to be adding 0.05 to the score... it'd need 100
other scores like that to be spam.
Tony
_______________________________________________
--Bandwidth and Colocation sponsored by Easynews.com --
Asterisk-Users mailing list
[email protected]
http://lists.digium.com/mailman/listinfo/asterisk-users
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
