Sorry guys, today, your two answers were classified as Virus/Spam
(unofficial) and I had to fetch them from quarantine :)
A virus was found: SecuriteInfo.com.Spam-111760.UNOFFICIAL
Scanner detecting a virus: ClamAV-clamd
The reason was mentioning the PTR of 107.150.1.216 in the mail. This is
a well-known hosting provider whose infrastructure was frequently used
to operate spam servers.
From: Reindl Harald
because "suomenporakaivo.fi" != "107-150-1-216-host.<...>"
because "suomenporakaivo.fi" != "107.150.1.216"
In most of spam I get ehlo and rDNS are different. Absolute equality
with rDNS is not required. In SMTP (RFC 5321), the client must specify a
name or IP literal in HELO/EHLO that identifies it. rDNS itself is
useful for reputation checks, but there is no requirement that EHLO ==
rDNS.
From: Matus UHLAR
while the IP has PTR record, the name in PTR does not exist, so nobody
will
seriously use its content.
Didnt know that it also checks the name in PTR. I put this info into my
docu as a reminder.
Best regards,
Thomas B
