> Of course what is missing in the log entry above is the > claimed HELO name. Given that I could try and resolve that to an IP and > then > compare that IP to relay IP, which would be a more reliable check.
I think you'll find that relay IPs<=>reverse ptrs<=>helo names hardly ever match in real life. > Perhaps a better heuristic for me to try is to take the sender's domain, > convert that to an IP address, and then check to see if the relay address > is an MX for the sender, or in the same /24 as the sender, or has a 'pass' > in the SPF records. Keep in mind that the only bad thing that happens if > the heuristic fails is that the message is not tempfailed. This is a good point that you aren't bouncing the email for this, just tempfailing for grey listing purposes. I wonder for how much longer greylisting will be effective though. I figure ratware will eventually have to figure it out, no? Regards, KAM _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
