[Mimedefang] HELO + PTR countr-code TLD matching
David F. Skoll
dfs at roaringpenguin.com
Wed Feb 4 10:24:36 EST 2004
On Wed, 4 Feb 2004, Mark wrote:
> I am actually rather pleased with the result. :) It seems quite an effective
> early-out mechanism to weed out spam at the SMTP stage. And it feels pretty
> benign too; it requires no PTR; but if one is present, with a country-code
> TLD not matching a present HELO country-code, then, and only then, I cry
> spam.
If you restrict it to country codes, it might be pretty safe. However,
I can easily see a host identifying itself as "foobar.net" resolving
to "foobar.com" on the reverse lookup.
I coded up your rule; right now, it just logs a message, but if it looks
good, I'll use it.
Thanks!
Regards,
David.
More information about the MIMEDefang
mailing list