On Tue, 25 Jun 2019, Matus UHLAR - fantomas wrote:
On Mon, 24 Jun 2019, John Schmerold wrote:
We had an inbound message get rejected because it was sent from a cell
phone, shouldn't SA be checking the most recent hop? Is there a way to
make this the default?
I have this in local.cf:
header RCVD_IN_rbl2spamhausz eval:check_rbl('spamhausz',
'zen.spamhaus.org.')
score RCVD_IN_rbl2spamhausz 3.5
On 25.06.19 07:52, John Hardin wrote:
I'll let others address SA issues with this, I just want to point out an
alternative:
Many sites consider Zen reliable enough for it to be used at the SMTP level
as a poison-pill DNSBL.
That would avoid any chance of it being used "too deeply"...
no. Many people consider Zen reliable enough to reject connections from
listed IP. Deep header scanning is something very different.
Yes, I'm aware of that.
Rejecting up front based on the other guy's IP address is *not* deep
scanning, so there's no risk of looking *too* deeply when you're doing
that.
What I was trying to suggest is "maybe you want to use Zen as an MTA-level
DNSBL rather than as part of the SA scan." I apologize if I didn't word it
clearly.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The ["assault weapons"] ban is the moral equivalent of banning red
cars because they look too fast. -- Steve Chapman, Chicago Tribune
-----------------------------------------------------------------------
9 days until the 243rd anniversary of the Declaration of Independence
