[Declude.JunkMail] Creating a country filter

[Matthew Bramble]

I've found a lot of foreign mail servers associated with spam and missing many of the lists, so I'm looking to create a filter for it.  Since there are about 250 country codes that I would want to score on, it seems more prudent to do the test the other way around and only add points if an E-mail passes a filter of domains that I don't prejudice.  So I am thinking that my filter would look like the following: -- global.cfg entry -- C:\IMail\Declude\goodTLDs.txt    x    0    3 -- Filter File: goodTLDs.txt -- HELO    0    ENDSWITH    .aero HELO    0    ENDSWITH    .biz HELO    0    ENDSWITH    .com HELO    0    ENDSWITH    .coop HELO    0    ENDSWITH    .edu HELO    0    ENDSWITH    .gov HELO    0    ENDSWITH    .info HELO    0    ENDSWITH    .int HELO    0    ENDSWITH    .mil HELO    0    ENDSWITH    .museum HELO    0    ENDSWITH    .name HELO    0    ENDSWITH    .net HELO    0    ENDSWITH    .org HELO    0    ENDSWITH    .us HELO    0    ENDSWITH    .ca HELO    0    ENDSWITH    .uk HELO    0    ENDSWITH    .cc HELO    0    ENDSWITH    .gb HELO    0    ENDSWITH    .to HELO    0    ENDSWITH    .tv So in other words, if the TLD didn't match one of the above, 3 points would be added to the score (I believe).  From what I can tell, anything that fails HELOBOGUS would also get points added from this test because I it appears that HELOBOGUS is triggered by anything that isn't a FQDN, including IP addresses (could be wrong here).  If that's the case, I would reduce the score of HELOBOGUS by the score this test gives.  That would reduce the score though on a small few HELOBOGUS failures in the event that a domain is returned with one of these TLD's that is mangled elsewhere, i.e. $fakename$.domain.com which is non-compliant but passes this test.  I don't think that is very common though. Did I get this right?  Does anyone think there is a better way to score E-mail originating from foreign mail servers (with a few exceptions)? Thanks, Matt