On Sat, Feb 21, 2004 at 03:58:34PM -0500, Dan Bullock wrote: > > It actually would be nice to have a broad rule that says, "if the domain > in the FROM address does not have a header with a valid/matching reverse > IP lookup in the header then score with -x points."
Unfortunately that would catch a vast amount of genuine mail too. I'd venture to guess that most domains are hosted by ISPs on multi-domain servers; only larger firms bother to run their own. And whilst I think you can return several results to a reverse IP lookup, almost no ISP actually does that. It also has implications for people who get their IP connectivity from other ISPs than the one hosting their mail (me, for instance :)). What you're trying to do, though, is being addressed by the SPF project. If you search the archives you'll find some of the problems and solutions that people are seeking to overcome. Nick
