I am testing a small external test program. A message fails the test
if there is an discernable IP address in the HELO entry of the
message. These fail the test: > Received: from host-68-212-107-146.msy.bellsouth.net [68.212.107.146] by mrpcap.com > Received: from ip-62-129-160-91.evhr.net [62.129.160.91] by mrpcap.com > Received: from acs-24-154-41-142.zoominternet.net [24.154.41.142] by mrpcap.com Only the bolded part of the line (HELO name) is tested. Basically, dashes become 'dots', and anything other than numbers and dots are stripped out. If what remains looks like a valid 4-octet IP address, the test fails. These entries would NOT fail -- stray number make the location of the IP ambiguous > Received: from wbar3.lax1-4-8-227-083.dsl-verizon.net [4.8.227.83] by mrpcap.com > Received: from c-24-125-42-12.va.client2.attbi.com [24.125.42.12] by mrpcap.com For testing, I set it up with 0 weight and a HOLD action. So far, it has not flagged anything that was not spam. If anyone is interested in trying it out, let me know. I'll probably be putting it up for download from my web site later this week. -- ------------------------------------------------------------------- illigitimi non carborundum ------------------------------------------------------------------- Bud Durland, CNE Mold-Rite Plastics Network Administrator http://www.mrpcap.com ------------------------------------------------------------------- |
- Re: [Declude.JunkMail] New test Bud Durland
- Re: [Declude.JunkMail] New test andyb
- Re: [Declude.JunkMail] New test Glenn Brooks
- Re: [Declude.JunkMail] New test Dave Doherty
- RE: [Declude.JunkMail] New test Kevin Bilbee
- RE: [Declude.JunkMail] New test Markus Gufler
- Re: [Declude.JunkMail] New test Bud Durland
- RE: [Declude.JunkMail] New test => EHLOFILTE... Markus Gufler
- Re: [Declude.JunkMail] New test => EHLOF... Bud Durland
- Re: [Declude.JunkMail] New test Bud Durland
- RE: [Declude.JunkMail] New test Andy Schmidt