spamassassin-users mailing list archives

From David B Funk <dbf...@engineering.uiowa.edu>
Subject Re: whitelist_from_rcvd question
Date Tue, 10 Jun 2008 00:03:47 GMT
On Mon, 9 Jun 2008, Jason Bertoch wrote:

> "whitelist_from_rcvd *@greencovesprings.com
> 75-145-201-209-Jacksonville.hfc.comcastbusiness.net"
>
> is in my local.cf yet a message with the following headers didn't match.
> Any ideas?
>
> Return-Path: <ggriffin@greencovesprings.com>
> Received: from [75.145.201.209]
> (75-145-201-209-Jacksonville.hfc.comcastbusiness.net [75.145.201.209] (may
> be forged))
> by mail.electronet.net (8.14.2/8.14.2) with ESMTP id m54DeD5V009962
>  for <user@domain.com>; Wed, 4 Jun 2008 09:40:19 -0400
> From: "Gregg Griffin" <ggriffin@greencovesprings.com>
>
>
> The rules that did match are below.  I'm running sendmail 8.14.2 with SA
> v3.2.4.
>
> X-Spam-Score: 5.221 (*****)
> BOTNET,HELO_EQ_IP_ADDR,HTML_MESSAGE,RDNS_NONE,UNPARSEABLE_RELAY

whitelist_from_rcvd only works for hosts that have a valid DNS map, both
forward & reverse. This is to prevent spammers from forging a
DNS reverse map to exploit a known whitelist_from_rcvd.

As your host '[75.145.201.209]' only has a reverse map (no forward map
for that name) you cannot use whitelist_from_rcvd.

 # host 75.145.201.209
 209.201.145.75.in-addr.arpa domain name pointer 75-145-201-209-Jacksonville.hfc.comcastbusiness.net.
 # host 75-145-201-209-Jacksonville.hfc.comcastbusiness.net.
 Host 75-145-201-209-Jacksonville.hfc.comcastbusiness.net not found: 3(NXDOMAIN)

So if you can get Comcast to put in a valid DNS forward map for that
host name it should work.

-- 
Dave Funk                                  University of Iowa
<dbfunk (at) engineering.uiowa.edu>        College of Engineering
319/335-5751   FAX: 319/384-0549           1256 Seamans Center
Sys_admin/Postmaster/cell_admin            Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
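
The forward and reverse check described in the message above, as an added example that is not part of the original post and is not SpamAssassin's code. The function names, the suffix-matching rule and the `example.org` records are assumptions made for illustration; the sample DNS data is constructed, except for the host from this thread, which has a PTR record but no forward record.

```python
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver ([] if there is no reverse map)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_forward(name):
    """Addresses for name from the system resolver (empty set on NXDOMAIN)."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def fcrdns(ip, ptr=system_ptr, forward=system_forward):
    """Return the PTR names of ip whose forward lookup leads back to ip."""
    names = [n.rstrip(".").lower() for n in ptr(ip)]
    return [n for n in names if ip in forward(n)]

def rcvd_whitelist_ok(ip, domain, ptr=system_ptr, forward=system_forward):
    """True only if a forward-confirmed name is domain or a host under it.
    Assumption: simplified suffix match, not SpamAssassin's matching code."""
    domain = domain.rstrip(".").lower()
    return any(n == domain or n.endswith("." + domain)
               for n in fcrdns(ip, ptr, forward))

# Constructed zone data so the example runs offline.
PTR = {
    # Host from the thread: reverse map only.
    "75.145.201.209": ["75-145-201-209-Jacksonville.hfc.comcastbusiness.net."],
    # Honest host: the forward record agrees with the PTR.
    "192.0.2.10": ["mail.example.org."],
    # Reverse zone owner claims a name it does not control.
    "198.51.100.7": ["mail.example.org."],
}
A = {"mail.example.org": {"192.0.2.10"}}  # no record for the Comcast name

def demo_ptr(ip):
    return PTR.get(ip, [])

def demo_forward(name):
    return A.get(name.lower(), set())
```

Called without the `demo_*` resolvers, the functions query live DNS through the system resolver and compare address strings literally.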
