Author: Edgar Lovecraft Date: To: exim-users Subject: Re: [exim] support for domainkeys
Mark Moseley wrote: > .[snip].. >
> Ironically, my best numbers are from HELO checks (like checks for a HELO
> of just IPs, forged IPs, etc, i.e., not DNS checks on the HELO data),
> which netted 2 million rejects yesterday, and again with no more than
> one or two false positives over the course of months.
> Which makes me conclude that I'll worry more about spammers being clever
> enough to deploy SPF records and undermining its effectiveness *after*
> they get smart enough to use legit-looking HELO data ;)
Which is exactly why I keep saying that these types of things need to be
more widespread, and enforced to a greater degree of compliance, as
no matter what a zombie machine does, it will never be able to set the
EHLO string to a properly reversed A record.