[Rspamd-Users] HFILTER_HOSTNAME_UNKNOWN possible evaluation bug?
Josef Vybíhal
josef.vybihal at gmail.com
Thu Oct 20 08:57:08 UTC 2022
Hello,
I have noticed that some messages sent to us hit the HFILTER_HOSTNAME_UNKNOWN.
By further investigation I have found out that in fact the sender (as
far as my knowledge goes) has his PTR/FCrDNS in order.
Example:
$ dig -x 18.185.115.19 +short
repost01.tmes.trendmicro.eu.
$ dig repost01.tmes.trendmicro.eu +short | grep '18.185.115.19'
18.185.115.19
What goes on here is, that the 'repost01.tmes.trendmicro.eu' record
has multiple A records defined:
$ dig repost01.tmes.trendmicro.eu +short
18.185.115.15
18.185.115.20
18.185.115.13
18.185.115.30
18.185.115.18
18.185.115.7
18.185.115.2
18.185.115.14
18.185.115.22
18.185.115.24
18.185.115.23
18.185.115.29
18.185.115.8
18.185.115.28
18.185.115.25
18.185.115.9
18.185.115.6
18.185.115.19
18.185.115.3
18.185.115.1
18.185.115.5
18.185.115.12
18.185.115.4
18.185.115.21
18.185.115.17
18.185.115.0
18.185.115.27
18.185.115.31
18.185.115.26
18.185.115.16
18.185.115.11
18.185.115.10
Is that a bug in rspamd evaluation or maybe I am missing something here?
Thanks
Josef
More information about the Users
mailing list