HELO antispam checks (was: [plug] Addresses still in archives.)
Luke Dudney
ldlist at westnet.com.au
Mon Oct 18 14:45:54 WST 2004
Craig Ringer wrote:
>I'm increasingly coming to believe it's a lost cause. In addition to
>mailing lists that don't mangle addresses, there are a _great_ many
>Windows users out there with address-harvesting spyware. Correspond with
>a user of an infected machine - even via a mailing list - and you're
>toast.
>
>Google is currently finding ~5050 hits on a search for my email address,
>and that's just the public stuff on the web.
>
>That said, I'm finding a strict MTA, plus fairly forgiving SpamAssassin
>checking, works extremely well. Simple things help a lot. For example,
>since reconfiguring Postfix on Friday to reject mail from servers that
>HELO as "localhost" my spam volumes have fallen dramatically - it's
>quite amusing watching the logs.
>
>
>
<snip>
I do that too.
$ grep "localhost.* Helo command rejected:" /var/log/maillog |wc -l
129
Another tip: put your server's hostname and any IP addresses it resolves
to in that list too. Looks like a lot of proxy raping software will use
the destination mail server's hostname / IP address in their HELO. To my
knowledge, this has not blocked _any_ legitimate mail.
$ grep "Greeted me with my own hostname" /var/log/maillog |wc -l
6489
Cheers
Luke
More information about the plug
mailing list