Hello, these keywords .net and .com are used just for testing if IP is in reverse DNS listed. Is not done against normal reverse DNS records for servers like mail.somedomain.net. So in combination with keyword reject-ip-in-cc-rdns and .net in file /etc/spamdyke/ip-in-rdns-keyword-blacklist-file it will reject mail from 242-29-179-94.pool.ukrtel.net because that sender will be positively tested as not valid reverse DNS.
use just net without that '.' is not suficient because SPAMDYKE use this '.' as flag for testing end of string only. So listing .com and .net does magic for SPAMDYKE when it testing IP in reverse DNS for country code DNS, like .it,, .uk etc it does same for .com and .net. Personally I did add into that file other ones special domains like .eu, .org, .info, .biz. These should not be used by ISP providers for assigning reverse names, but who knows. Anyway it doesn't hurt my configuration and I'm preparded. Eduard Švarc DATA Intertech s.r.o. Kladenská 46 160 00 Praha 6 Czech Republic tel. +420-235365267, fax +420-235361446 [email protected] wrote on 14.12.2009 09:55:45: > thanks Eduard Švarc > > Same query as david stiller raised, .com, .net are valid domain right? > > also > > @400000004b25fa572bd181a4 CHKUSER accepted rcpt: from <fx...@bmelaw. > com::> remote <microsof-7b1919:unknown:94.179.29.242> rcpt > <[email protected]> : found existing recipient > @400000004b25fa572bd2316c spamdyke[27021]: ALLOWED from: > [email protected] to: [email protected] origin_ip: 94.179. > 29.242 origin_rdns: 242-29-179-94.pool.ukrtel.net auth: (unknown) > > the above ip is listed in rbl , > > IP Address Lookup > > [image removed] > > 94.179.29.242 is not listed in the SBL > 94.179.29.242 is listed in the PBL, in the following records: > PBL239543 > 94.179.29.242 is not listed in the XBL > > > > > this doesnt look like false positive > > From: Eduard Svarc <[email protected]> > To: spamdyke users <[email protected]> > Sent: Mon, December 14, 2009 12:48:07 PM > Subject: Re: [spamdyke-users] spamdyke configuration finetuneing > > > Hello, > > I see you have two things out. 1st you using RBLS, that could give > you a lot positive false spam. 2nd you completely have commented out > best thing in SPAMDYKE. Is sniffing IPs in reverse DNS. Most of bots > and spams comming from Internet zombies. Here are my advices: > > 1 - comment out dns-blacklist-entry=zen.spamhaus.org > 2 - uncoment reject-empty-rdns, reject-ip-in-cc-rdns, reject- > missing-sender-mx and reject-unresolvable-rdns > 3- into /etc/spamdyke/blacklist_recipients add your domain in format > @your-domain (it will block all mails like to: n...@your-domain from: > n...@your-domain) > 4- into /etc/spamdyke/ip-in-rdns-keyword-blacklist-file put these words : > > dsl > .com > .net > broadband > dynamic > > I could guarantee you will fall bellow 1% of SPAM with nearly zero > false positives. Of course someone who can't follow certain > guidelines for theirs servers will not be able to send you e-mails > at all. But you can easily handle it by adding IP's in > /etc/spamdyke/whitelist_ip or adding senders into > /etc/spamdyke/whitelist_senders > > I stop using any RBLS services ages ago, they are way unreliable. > > Good luck, > Eduard Švarc > > DATA Intertech s.r.o. > Kladenská 46 > 160 00 Praha 6 > Czech Republic > tel. +420-235365267, fax +420-235361446 > > [email protected] wrote on 14.12.2009 07:24:03: > > New Windows 7: Find the right PC for you. Learn more. > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
