link to HELO_DYNAMIC_IPADDR
converted to 1.6 markup
|Deletions are marked like this.||Additions are marked like this.|
|Line 14:||Line 14:|
|The default scores for this rule can be found [http://spamassassin.apache.org/tests.html in the online list of tests].||The default scores for this rule can be found [[http://spamassassin.apache.org/tests.html|in the online list of tests]].|
|Line 16:||Line 16:|
|See also [:Rules/HELO_DYNAMIC_IPADDR]||See also [[Rules/HELO_DYNAMIC_IPADDR]]|
|Line 18:||Line 18:|
|The IETF's [http://www.ietf.org/html.charters/dnsop-charter.html dnsop] working group
has a draft memo regarding a [http://tools.ietf.org/html/draft-msullivan-dnsop-generic-naming-schemes-00 suggested naming scheme] for reverse DNS.
|The IETF's [[http://www.ietf.org/html.charters/dnsop-charter.html|dnsop]] working group
has a draft memo regarding a [[http://tools.ietf.org/html/draft-msullivan-dnsop-generic-naming-schemes-00|suggested naming scheme]] for reverse DNS.
SpamAssassin Rule: HELO_DYNAMIC_DHCP
Standard description: Relay HELO'd using suspicious hostname (DHCP)
An untrusted relay used a hostname (FQDN) as a HELO argument during a SMTP transaction that appears to suggest a dynamically allocated hostname. For example "dhcp192-0-2-32.example.com".
This style of hostname is commonly found in the reverse DNS records for dynamically allocated addresses. It's possible that a spam-engine on a hijacked PC will use a reverse DNS lookup of its own address to formulate a valid HELO argument.
The default scores for this rule can be found in the online list of tests.
See also Rules/HELO_DYNAMIC_IPADDR