Thanks Scott for clearing things up for me.. Since all my dailup and highspeed customers have correct revdns and everyone outside our network have to use smtp auth (running WHITELIST AUTH) then there should be no implications to do a spamdomain with fament.com. If this is the case then time to add all my own domains in there and cut of another potential spamhole...
Best regards, Eje "Aya" Gustafsson mailto:[EMAIL PROTECTED] The Family Entertainment Network http://www.fament.com Phone : 620-231-7777 Fax : 240-376-7272 - Your Full Time Professionals - Online Store http://www.wisp-router.com/ MikroTik, Star-OS, PACWireless, EnGenius, RF Industries -- >>Yet this piece of mail did come though with a very low rate and didn't >>fail the HOLOBOGUS ? >> >>Received: from fament.com [63.165.214.42] by imail.fament.com with ESMTP >> (SMTPD32-8.03) id AD019930280; Sat, 22 Nov 2003 19:27:29 -0600 RSP> That's because the HELO is "fament.com", and fament.com has an MX RSP> record. Therefore, it is a valid HELO. RSP> However, 63.165.214.42 is not in the MX record of fament.com, so: >>X-Tests-Failed: IPNOTINMX, REVDNS. RSP> it failed the IPNOTINMX test. >>Wouldn't helobogus add it's weight to it ? Or have I miss understood >>the helobogus test ? How can I punish servers that try claim be from >>my domain like the above ? RSP> HELOBOGUS just looks for bogus HELO entries (such as random characters, IPs RSP> masquerading as hostnames, and made-up domains). RSP> IPNOTINMX checks for IPs that aren't listed in the sender domain's MX RSP> records (note that it is not unusual for legitimate mail to be sent this way). RSP> In this case, SPAMDOMAINS may be the best answer, as it will require the RSP> reverse DNS entry of the sending computer to include the domain name in the RSP> return address -- but only for domains that you specify. So if you list RSP> "fament.com", this mail would have been caught. But if you do list your RSP> domain, you need to be sure that people sending mail through your server RSP> come from IPs with your domain in the reverse DNS entry. >>And how could the score end up at -2 ? What is the math behind it. RSP> Declude JunkMail adds all the weights for the E-mail, which came out to -2 RSP> here. RSP> The confusing parts are things like negative weights (either kind -- a test RSP> that has a weight of "-2", or a test that has a weight that is added for RSP> E-mail that does NOT fail the test, like the IPNOTINMX and NOLEGITCONTENT RSP> tests), and filters where multiple lines can match. RSP> -Scott RSP> --- RSP> Declude JunkMail: The advanced anti-spam solution for IMail mailservers. RSP> Declude Virus: Catches known viruses and is the leader in mailserver RSP> vulnerability detection. RSP> Find out what you've been missing: Ask about our free 30-day evaluation. RSP> --- RSP> [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] RSP> --- RSP> This E-mail came from the Declude.JunkMail mailing list. To RSP> unsubscribe, just send an E-mail to [EMAIL PROTECTED], and RSP> type "unsubscribe Declude.JunkMail". The archives can be found RSP> at http://www.mail-archive.com. -- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
