> -----Original Message----- > From: MySQL Student [mailto:mysqlstud...@gmail.com] > Sent: Monday, 17 August 2009 10:56 a.m. > To: SpamAssassin Users List > Subject: Re: Barracuda RBL in first place > > Hi, > > > So perhaps instead of adding another RBL, maybe some admins need to > > consider adding in some HELO checking / rejection. > > Can you explain a bit more here? What are you checking for, that the > host is valid? > > Thanks, > Alex
Sure. Firstly, the server requires that a HELO command is sent to start the SMTP session. Without that, the connection will be dropped - this in itself drops quite a bit of Spam. Secondly, the argument to the HELO command is checked as to whether it is in Fully Qualified Domain form - if not, the connection is dropped. Our clients are all setup for this to work properly. That's it. We have an additional option: "Require resolvable hostnames" for HELO arguments, but do not use that. We have made 6 exceptions for hosts that do not pass the HELO argument properly, that are out of our control, but known to our network (ie: trusted via VPN, etc). They haven't relayed any Spam either ;) Cheers, Michael Hutchinson
