On man 15 mar 2010 14:42:22 CET, Christian Gregoire wrote
Using SA 3.3.0. Any reason why RDNS_NONE now scores 1.3, when it was
down to 0.1 with the previous releases ?
The score was pretty much informational only previously and arbitrarily
set. The current score is what the mass-checks and GA result in.
The below headers trigger the rule only because the remote LAN SMTP
client, with IP 10.10.3.3, has no rDNS.
Received: from my.public.name ([<public_IP>] helo=john.fr)
by mymta.fr with esmtps (TLSv1:AES256-SHA:256)
id 1NowHH-0003o7-ED
for m...@address.fr; Tue, 09 Mar 2010 11:03:03 +0100
Received: from exim by john.fr with spamout-scanned-ok id 1NowHG-00054b-TU
for m...@address.fr; Tue, 09 Mar 2010 11:03:02 +0100
Received: from [10.10.3.4] (helo=MYPC)
by john.fr with esmtp id 1NowHD-00054Q-SY
for m...@address.fr; Tue, 09 Mar 2010 11:03:02 +0100
I'd rather say, for example, 1.3 for the last gateway, and 0.1 for the
others.
I guess you need to correct your trusted and internal networks. The rule
does not deep parse, and never has.
header __RDNS_NONE X-Spam-Relays-Untrusted =~ /^[^\]]+ rdns= /
describe RDNS_NONE Delivered to trusted network by a host with no rDNS
That host with an IP in a private, reserved range (the originating IP,
running the MUA?) delivered directly to your MX, as it seems...
Here is the picture : a PC whose local IP address is 10.10.3.4 (with
no rDNS) submits a message to its SMTP gateway (john.fr), which in
turn delivers it to my plateform. It's an anonymous delivery to one
of my local domains, but not from a trusted network. So you mean I
should add all RFC1918 networks to my trusted_networks ?
the mail server just need a fqdn for 10.10.3.4 in local dns server,
and if your wan ip have this done from your isp, then problem is gone
man hosts
man nscd
man resolv.conf
dig myclient.local
host 10.10.3.4
get them to match, and make sure your dhcp server use them
--
xpoint http://www.unicom.com/pw/reply-to-harmful.html