Wow, thanks! That’s certainly not obvious. I had always assumed that the line “Received: from mail14.pikou.vip ([23.110.134.117] verified)” meant that CGP had verified that 23.110.134.117 really was mail14.pikou.vip. Not so, apparently. Seems counter-intuitive.

Cheers,
--
Gib Henry
On 5/20/17 10:59 AM, Nicolas Hatier wrote:
The blacklist by DNS name does a PTR request on the IP address. While mail14.pikou.vip has an A record pointing to 23.110.134.117, 23.110.134.117 does not have a PTR record pointing to mail14.pikou.vip.
On 2017-05-20 10:55, Gib Henry wrote:
I am currently set to block all traffic originating from the top-level domain .vip:

However, that appears to fail, because this message came through:
Return-Path: <23-174-11971677.LjExMC41NC4xNDY-pm-1-1-36983-312-hvotzem524@mail14.pikou.vip>
Received: from mail14.pikou.vip ([23.110.134.117] verified) by…
I see rejections from mrsend.it, so I know the detection can work. What am I missing in this case? Can I not block an entire top-level domain?

Cheers,
--
Gib Henry
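
Added example, not part of the original thread and not CommuniGate Pro code: a Python sketch of the two lookups discussed above, showing how a HELO name can pass a forward (A record) check while a PTR-based name blacklist never sees the .vip name. The DNS tables are constructed from the records named in the thread, the `*.vip` pattern stands in for the blacklist setting, and reading "verified" as a forward lookup of the announced name is an assumption drawn from the reply.

```python
import fnmatch

# Constructed DNS data modelled on the thread: the A record exists, but the
# IP has no PTR record. A live check would query a resolver instead.
A_RECORDS = {"mail14.pikou.vip": {"23.110.134.117"}}
PTR_RECORDS = {}

def _norm(name):
    return name.lower().rstrip(".")

def helo_verified(helo_name, client_ip, a_records=A_RECORDS):
    """Forward check (assumed meaning of 'verified'): name -> A -> connecting IP."""
    return client_ip in a_records.get(_norm(helo_name), set())

def ptr_names(client_ip, ptr_records=PTR_RECORDS):
    """Reverse lookup: names the owner of the IP block published for this IP."""
    return [_norm(n) for n in ptr_records.get(client_ip, [])]

def blocked_by_name(client_ip, patterns, ptr_records=PTR_RECORDS):
    """Blacklist by DNS name: only PTR names are compared to the patterns."""
    return any(fnmatch.fnmatch(n, p)
               for n in ptr_names(client_ip, ptr_records) for p in patterns)

def fcrdns_names(client_ip, a_records=A_RECORDS, ptr_records=PTR_RECORDS):
    """Forward-confirmed reverse DNS: PTR names that resolve back to the IP."""
    return [n for n in ptr_names(client_ip, ptr_records)
            if client_ip in a_records.get(n, set())]

def classify(helo_name, client_ip, patterns, ptr_records=PTR_RECORDS):
    return {
        "helo_verified": helo_verified(helo_name, client_ip),
        "ptr_names": ptr_names(client_ip, ptr_records),
        "blocked": blocked_by_name(client_ip, patterns, ptr_records),
        "fcrdns": fcrdns_names(client_ip, ptr_records=ptr_records),
    }

if __name__ == "__main__":
    ip, helo, rules = "23.110.134.117", "mail14.pikou.vip", ["*.vip"]
    print(classify(helo, ip, rules))  # case from the thread: no PTR
    # Constructed contrast: the same IP if it did publish a matching PTR.
    print(classify(helo, ip, rules, {ip: ["mail14.pikou.vip."]}))
```

The sender controls the HELO name and its own zone's A records, but the PTR record is published by whoever holds the IP block, which is why the two checks can disagree.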