Greylisting (WAS: gif attachments)

Dennis Willson taz at
Thu Aug 24 18:52:52 IST 2006

Your simple HELO check probably takes less time and cycles to do than 
the DNS checks. I too make sure that the HELO doesn't use my mail 
servers own name or IP address, and yes I would catch most of those 
further on, but catching as many as possible as early and with less 
work as possible appears to me to be a good thing.

On Wed, 23 Aug 2006 19:27:39 -0700
  John Rudd <jrudd at> wrote:
>On Aug 23, 2006, at 5:43 PM, Matt Kettler wrote:
>>Michele Neylon:: wrote:
>>>John Rudd wrote:
>>>>a) had no PTR record,
>>>Reasonable enough
>>>>b) PTR and A record didn't match, or
>>>So what about shared hosting??
>>Should work fine. He's not talking about comparing the PTR to the 
>Yeah, while I do some HELO filtering, I don't require that the HELO 
>matches the PTR record.  Even what little HELO filtering I do (don't 
>give me my own name in the helo string) is technically an RFC 
>violation, but I'm comfortable with being just that out of spec. 
> Anything more than that would be, IMO, inappropriate.
>Though, looking through my nightly reports, I see that my DNS rules 
>would catch 95% of those hosts anyway... so I may drop what little 
>HELO filtering I'm doing.
>>What John really means is that:
>>Given an IP address, perform a PTR lookup. Take the results of that 
>>PTR lookup
>>and perform an A lookup on it. That should end up with the IP address 
>>started with.
>>So he's looking for ip != A_lookup( PTR_lookup(ip))
>Mostly correct.   The A_lookup can return multiple IP addresses, 
>however so it's more like:
>grep ip A_lookup(PTR_lookup(ip))
>Sort of.
>MailScanner mailing list
>mailscanner at
>Before posting, read
>Support MailScanner development - buy the book off the website! 

Dennis Willson

taz at

Ham: ka6lsw
Scuba: Rescue Diver, EANx, Wreck, Night, Alt, Equip, UW Photographer, 
Gas Blender

Life should not be a journey to the grave with the intention of 
arriving safely in a nice looking and well preserved body, but rather 
to skid in broadside, thoroughly used up, totally worn out, and loudly 
proclaiming, "WOW! WHAT A RIDE!"

More information about the MailScanner mailing list