On Fri, Aug 17, 2007 at 08:47:38AM -0700, John Rudd wrote:
> Henrik Krohns wrote:
>
>> If you want a simple solution, you can try http://sa.hege.li/ for BadRelay
>> plugin.

>
> BadRelay makes a fairly fatal assumption: The MTA put the rdns into the
> Received header. I know of 2 MTAs that don't do that (they just put the IP
> address in, without the rdns name). If you're using one of those MTAs,
> then I'll bet you're going to get lots of BadRelay false positives ... just
> like the SA 3.2.1 rule for checking for no-rdns gets lots of false


I don't make any worse assumptions than SA. If it doesn't work, it doesn't
work, get a decend MTA (works for me). I don't see any point having
unnecessary stuff like Net:NS and dealing with timeout issues, since I
don't need any special checks. I just want to check rdns.

Cheers,
Henrik