Quoting Wolfgang S. Rupprecht (wolfgang+gnus20030730T085014@wsrcc.com):
> 
> john@sixgirls.org (John Klos) writes:
> > I've examined all of the spam I've received over the past few months, and
> > it seems that around 75% of all of the spam that does get past my current
> > filters (spamcop and orbd) would be blocked by #1, and that of all of the
> > servers which connect with address literals, half would be rejected by #2.
> > I have seen one false positive (the admin of the sending server was happy
> > to add a DNS entry for his SMTP server), and no instance of legitimate
> > email which came from a server which used an address literal.
> 
> One of the reasons I switched from sendmail to postfix was the
> stronger checking of things like helo string.  If you are interested
> in playing, I've got a slightly simplified example of what I run here
> on this page:
> 
>         http://www.wsrcc.com/spam/
> 
> The helo string is checked for syntax (eg. has a dot) and if it passes
> it is checked to make sure that the claimed hostname has an MX or A
> record.  Postfix doesn't check the claimed name against the list of IP

And yet the RFCs say NOTHING about this being required.
You can't lookup "foo.house.snew.com" as an internal only
domain, yet a box I used to get a mail or two out in a pinch
used that.

We could discuss that "evilspammer.com" gets blocked for having
the word "spammer" in it and that it's never actually SENT spam
(I used it in classes for years, so I registered it).