2009/4/30 Terry ( 1stKMH ) <[email protected]>: > Ive been using this > > > deny message = inconsistent or no DNS reverse entry for > $sender_host_address > !sender_domains = > /usr/local/etc/exim/whitelisted-domains > !authenticated = * > condition = ${if eq{$host_lookup_failed}{1} {1}{0}} > > which I picked up off the list and its been working well for dropping > lots of spam but ive also had the odd false positive like this one > > 2009-04-30 14:26:20 [4717] H=(clearview01.clearviewdns.net) > [69.56.235.170]:2835 I=[94.76.221.176]:25 F=<[email protected]> > rejected RCPT <[email protected]>: inconsistent or no DNS reverse entry > for 69.56.235.170 > > Is there a better way of doing this ? > Hi, I'm the one who posted the rdns acl some time ago. What I did to avoid false positives is to extract from this list in here (http://phpweby.com/software/ip2country) the countries I receive most of the legit mail, reducing it to /24 or larger nets. After that you some thousands of entries that skip this acl improving greatly the false positives problem.
Also, doing a whois, you can get the ip range of that isp. whois 69.56.235.170 CIDR: 69.56.128.0/17 This way you can trust the big block of ips from the planet.com Hope it helps -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
