[Asterisk-Users] Digium list server and spam assassin
Tony Hoyle
tmh at nodomain.org
Thu Oct 20 13:13:53 MST 2005
Jason Pyeron wrote:
> But the etiquette for SMTP is the HELO is done with a reverse friendly
> name.
>
> This 'assists' in detection of spoofed dns spamming.
It doesn't need to be the same though, only resolve to the same.
if lists.digium.com == 69.16.138.164 then it is correct, and that's all
the spoof checking you need.
Doing the reverse check for 164.138.16.69.in-addr.arpa is unnecessary,
and will break in a great many legitimate cases, since ISPs often don't
allow the reverse dns to be set independently (even for corporate networks).
The network scores for FORGED_RCVD_HELO, btw. are 0.05 (no bayes), and 0
(with bayes)
That means that if you have bayes enabled it's a no-op, and even with no
bayes you're only going to be adding 0.05 to the score... it'd need 100
other scores like that to be spam.
Tony
More information about the asterisk-users
mailing list