Hi,

I've been using exim for many years now and over time I have developed a - more or less - complex set of filtering rules to prevent SPAM.

One of my main assumptions is that legitimate mail servers do (should) have proper forward and reverse DNS records - however, that's not always the case. Quite often I've read things like this here on this list:

> In acl_smtp_connect:
>
>   verify = reverse_host_lookup
>
> "Real folks" MTA have DNS creds. Botnet WinZombies do not. QED.

And that's right. REAL folks MTA do have DNS creds. But there's another species: hosted web-servers ... *argh*

Many of them provide things like newsletters etc. And some of them host forums or - even worse - web shops where email is essential - however, most email from this kind of hosts comes from [email protected] and a reverse lookup to this host leads to something like static-123-456-789.some-provider-net.

Of course forward and reverse DNS records on these hosts typically don't match and most of the time there isn't even a valid MX record for the domain listed in the envelope-from :-(

That kind of mail gives me every reason to reject it - however, my customers/users do want it - for comprehensible reasons ... It's not my user's fault that the moron running the web shop has no clue about smtp/dns/rfcs et al.

And there are other things that show that some sources of legitimate email clearly aren't well configured mail-servers. Some of them for example send bad EHLO (plain hostname, no dots, no domain part) or invalid sender_domains, but they're still not SPAM.

I'm currently using manually maintained white lists to deal with that.

How do you deal with stuff like that? Ideas welcome.

- Karl

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
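The setup described in the post above (reverse DNS verification at connect time, a check for a plain-hostname EHLO, and a manually maintained white list that bypasses both), sketched as an Exim configuration fragment. This is an added example, not the poster's actual configuration; the list name `dns_exempt_hosts`, the file path and the ACL names are assumptions.

```exim
# Main configuration section.
# Manually maintained exemption list: one IP address or CIDR block per line.
# (List name and file path are assumptions for this example.)
hostlist dns_exempt_hosts = /etc/exim/dns_exempt_hosts

acl_smtp_connect = acl_check_connect
acl_smtp_helo    = acl_check_helo

begin acl

acl_check_connect:
  # Known-good but badly configured senders (web shops, forums,
  # newsletter hosts) skip the DNS check.
  accept hosts   = +dns_exempt_hosts

  # Everyone else needs matching forward and reverse DNS records.
  deny   message = Forward and reverse DNS for $sender_host_address do not match
         !verify = reverse_host_lookup

  accept

acl_check_helo:
  # The same white list also bypasses the HELO/EHLO syntax check.
  accept hosts   = +dns_exempt_hosts

  # Reject a plain hostname in HELO/EHLO (no dots, no domain part).
  deny   message   = HELO/EHLO name must be fully qualified
         condition = ${if !match{$sender_helo_name}{\N\.\N}}

  accept
```

Keeping the exemptions in one named host list means a single file decides which senders are trusted despite failing these checks, so that file is the thing to review and keep short.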
