efa-project.org

I'd like to propose the option to add a spam score base on the Top Level Domain of de reverse-DNS of the sender.

Lately more and more spam (and phishing) seems to arriving from non-botnet spammers who go through the effort of setting up servers with functional but disposable reverse-DNS records, eluding higher spam scores.

For example: host01.leadorrin.club [103.136.40.58], radlionay.xyz [185.53.170.106], etc.
Especially the .xyz TLDs seems to be very popular lately.

I'd like to have the option to add say 5 points to the score if the RDNS TLD matches .xyz or other specified TLDs.

Hi,

why don't you write your own rules instead ?

https://taborsky.cz/posts/2020/penalizi ... massassin/

https://gist.github.com/zhiephie/def673 ... d9b5a557a4

Both posts describe adding filters based on the 'from' email address, not the TLD of the sender's reverse-DNS.

Writing your own rules is nice if you have the time, skill and documentation needed available to you.
I'd love to spend the next two weeks acquiring those but I gather my boss won't be too happy.

Aha, okay.

You will add a score, if the RDNS check points to a unwanted domain like .xyz ?

That's the idea.

I'm not sure of spamassasin does anything with reverse-DNS other than to check if one exists.