You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Nikolay Shopik <sh...@inblock.ru> on 2007/08/24 22:00:31 UTC

HELO dns resolution

Hi list,

I would like to know if there already rule exist. Parsing receive 
headers check HELO existing in DNS and if not increase score.
Checked docs for SA and found only eval:check_rbl and this is seems not 
what I'm need at all, correct me if I'm wrong.

Re: HELO dns resolution

Posted by Matt Kettler <mk...@verizon.net>.

Nikolay Shopik wrote:
> Hi list,
>
> I would like to know if there already rule exist. Parsing receive
> headers check HELO existing in DNS and if not increase score.
> Checked docs for SA and found only eval:check_rbl and this is seems
> not what I'm need at all, correct me if I'm wrong.
>
>
AFAIK, There's no such rule, you'd have to write a plugin to do it.

That said, such a rule isn't particularly attractive or interesting.
Hosts are not required to use HELO strings that are resolvable. They
SHOULD use resolveable helo's, but they aren't required to. As such, I'd
expect the false positive rate on this rule to be substantial.

What are you trying to accomplish by this? Detecting mail sent by
botherders? Try the botnet plugin.

http://marc.info/?l=spamassassin-users&m=118636799417123&w=2