Re: [exim] dnsbls

Top Page
Delete this message
Reply to this message
Author: Renaud Allard
Date:  
To: Martin A. Brooks
CC: exim-users, exim-users-20071221
Subject: Re: [exim] dnsbls


Martin A. Brooks wrote:

>
> So, if i understand your argument correctly, if the PTR were
> "z0mgpuppieslolzw000000000000pony.antibodymx.net", that would make my
> email somehow more likely to be legitimate? How do you know that
> "z0mgpuppieslolzw000000000000pony" isn't somehow derived from the IP
> address? Short anwer: you don't. Blocking mail from known DSL and/or
> dynamically assigned IP ranges is one thing, blocking mail based on the
> rDNS hostname format is, errrm, brave.
>
>


Spamassassin with stock settings and using DNS does issue a very high
score on PTR that seem generic. So your mail may end up rejected by
spamassassin if your PTR looks like too generic.

For example:
194.78.221.35 (35.221-78-194.adsl-fix.skynet.be) incorrectly presented
itself as DC.aztek-int.local

X-Spam-Score: 10.3 (++++++++++)
X-Spam-Report: pts rule name              description
    ---- ----------------------
--------------------------------------------------
    4.4 HELO_DYNAMIC_IPADDR2   Relay HELO'd using suspicious hostname (IP addr
    2)
    4.2 HELO_DYNAMIC_SPLIT_IP  Relay HELO'd using suspicious hostname (Split
    IP)
    1.6 TVD_RCVD_IP            TVD_RCVD_IP
    0.0 HTML_MESSAGE           BODY: HTML included in message
    0.1 RDNS_NONE              Delivered to trusted network by a host with
no rDNS