On 1/14/2012 6:40 AM, Charles Marcus wrote: > I was more interested in what specific changes he made in order to use > it as a HELO blacklist, and how and why it avoided false positives when > it is used the way we have been using it
It wouldn't really require any changes. You could use it with check_helo_access as is. The reason it avoids FPs in this usage is just what he stated: legit MTAs with generic rDNS are going to HELO with a real hostname, not the rDNS string. -- Stan