false positive?

Antony Stone Antony at SOFT-SOLUTIONS.CO.UK
Tue Aug 12 21:11:22 IST 2003


On Tuesday 12 August 2003 9:02 pm, Tim Tyler wrote:

> Matt,
>   Yes, but what about when sites use the same hostname as their domain
> name? For instance, we have beloit.edu as our domain while also using
> beloit.edu as our hostname for our faculty/staff smtp server.  Its not
> totally clear to me why it should be assumed that the lack of a hostname
> extension is necessarily a violation of any welcome rules.

It isn't, for the majority of domains.

The FAKE_HELO_DOTCOM rule only applies to the specific domains listed in the
regex:

> >20_head_tests.cf:header RCVD_FAKE_HELO_DOTCOM    Received =~ /^from
> >(?:msn|yahoo|you
> >rwebsite|lycos|excite|cs|aol|localhost|koreanmail|allexecs|mydomain|juno|e
> >udoramail| compuserve|desertmail|excite|caramail)\.com \(/m

In other words, only the following domains will match:
msn.com
yahoo.com
yourwebsite.com
lycos.com
excite.com
cs.com
aol.com
localhost.com
koreanmail.com
allexecs.com
mydomain.com
juno.com
eudoramail.com
compuserve.com
desertmail.com
excite.com (no, I don't know why it's listed twice either)
caramail.com

Mail from any other domain will not match this rule.

Regards,

Antony.

--

I can resist everything but temptation,
I can tolerate everything but intolerance,
and I can survive everything but death.



More information about the MailScanner mailing list