Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Jose Ildefonso Camargo Tolosa (ildefonso.camargogmail.com)
Date: Sat Dec 20 2008 - 08:11:24 CST
On Sat, Dec 20, 2008 at 11:09 PM, Jorey Bump <listjoreybump.com> wrote:
> Jose Ildefonso Camargo Tolosa wrote, at 12/19/2008 08:47 PM:
>> On Fri, Dec 19, 2008 at 7:19 AM, Jorey Bump <listjoreybump.com> wrote:
>>> Jose Ildefonso Camargo Tolosa wrote, at 12/18/2008 06:28 AM:
>>>> I think you should send more info on your config, for example:
>>>> MX record for your domain.
>>>> myhostname entry from main.cf
>>>> these two should match.
>>> There is no requirement that these match. They are completely unrelated.
>> I said: should. There are some spam filters which uses the hostname
>> provided by the server and make several verifications like:
>> + Is the hostname listed as a MX for the domain?
> Such a filter would be broken. MX records are used only to specify the
> destination for a domain's mail, not the origin. Don't take my word for
> it, look at your maillog. You will immediately see that the client host
> is unlikely to match any MX record for much, if not most, of the
> legitimate mail you accept (it certainly won't for gmail, hotmail,
> etc.). Your own message doesn't even pass this test.
I agree, but I have seen some spam filters which actually do that (a
bogus McAfee's box, actually filtered-out gmail's mail).
> In Postfix, $myhostname is the default for multiple settings, as seen
> when running this command:
> postconf -d | grep myhostname
> Not a single one of them has anything to do with the MX record. There is
> absolutely no benefit in having $myhostname match your domain's MX
> record. Suggesting that this will solve a configuration problem is a red
>> + Does the hostname *forward* resolve to the IP I'm being contacted from?
> I agree that would be nice, but requiring the HELO/EHLO hostname to
> resolve to the client IP address would reject an unacceptable amount of
> legitimate mail (at least on my systems).
Yes, that's for HELO/EHLO.
Yeah, say that to hotmail.... and McAfee... and other vendors that I
can't remember right now.
>> + Does the IP *reverse* resolve to the hostname?
> See above. For some international email, you can't even expect the
> client IP address to resolve to a PTR at all (although the situation
> seems to be improving).
True, but the same applies here, for example, hotmail's filter will
refuse mails that doesn't pass the FCrDNS test, well, unless you have
sent mail from your hotmail account to that address (I think it
whitelist the address). So did a spam filter (bogus, if you ask me)
that a client had (McAfee), we replaced it with ASSP, and now it
filter more spam, with less false positives.
> Strictly speaking, it would be useful to score based on FCrDNS:
> But that begins only with a reverse lookup on the client IP address and
> doesn't consider the HELO/EHLO hostname at all.
Well.... some spam filters use HELO/EHLO *AND* the client IP address.