spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David B Funk <dbf...@engineering.uiowa.edu>
Subject Re: HELO_DYNAMIC false positives on a UK web host
Date Thu, 09 Dec 2010 23:18:39 GMT
On Thu, 9 Dec 2010, Karsten Br├Ąckelmann wrote:

> On Thu, 2010-12-09 at 14:43 -0800, John Hardin wrote:
> > > It appears that a client can easily set up hosting using cPanel or
> > > something without ever setting the rDNS or hostname to anything other
> > > than the numeric default.
> >
> > Is there anything in the headers that indicates cpanel is in use? Perhaps
> > a meta on cpanel
>
> Proof a mail system has been set up and is being maintained by clicking
> through a simple UI system. Strong hint the operator doesn't know much
> about such systems, and likely not about properly securing auth either.
>
> > + dynamic-looking-rDNS would be worth a negative point or two...
>
> Plus proof the operator indeed doesn't know, or doesn't care. You think
> that's worth a negative score?
>

Maybe not a true negative score but null out the HELO_DYNAMIC rules
score penalty. IE if it's running cpanel then strong probability that
it has a static IP address. (what's the point of running a server
with a dynamic address.)

The poor operator may be totally clueless about how his actual IP address
appears on the net.
he's some smuck who bought a cheap hosting service for his business and
just did the point-and-click monkey dance to get his store on-line.

-- 
Dave Funk                                  University of Iowa
<dbfunk (at) engineering.uiowa.edu>        College of Engineering
319/335-5751   FAX: 319/384-0549           1256 Seamans Center
Sys_admin/Postmaster/cell_admin            Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{

Mime
View raw message