Mailing List Archive: HTTP checks on sending IP

HTTP checks on sending IP

May 12, 2020, 10:26 PM

Post #1 of 4 (507 views)

Not a long time ago, there was an very interesting thread post about the idea of reverse check of the website content of sending IP...
To my remember even a "spamassassiner" wrote a plugin for that.
Honouring my terrible (lack of) brain, i cannot find those posts. Please can anyone help me to find them or point me to the plugin?
Thanks in advance...
------------Pedro.

Re: HTTP checks on sending IP [ In reply to ]

dominic at timedicer

May 12, 2020, 10:58 PM

Post #2 of 4 (507 views)

Permalink

On Wed, 13 May 2020 at 06:27, Pedro David Marco <pedrod_marco@yahoo.com> wrote:
>
> Not a long time ago, there was an very interesting thread post about the idea of reverse
> check of the website content of sending IP...
>
> To my remember even a "spamassassiner" wrote a plugin for that.
>
> Honouring my terrible (lack of) brain, i cannot find those posts. Please can anyone help me to find them or point me to the plugin?

I believe the thread you are referring to is from Feb-Mar 2019 here:
http://spamassassin.1065346.n5.nabble.com/Spam-rule-for-HTTP-HTTPS-request-to-sender-s-root-domain-td154612.html

I was using the OP's suggested rule (which calls his server), but on
checking I see that it has not triggered since 1 October 2019, so I
have now turned it off; presumably he turned off his server facility a
long time ago. He provided the code to set up your own at
https://github.com/mikernet/HttpCheckDnsServer, but I have not tried
this.

Re: HTTP checks on sending IP [ In reply to ]

pedrod_marco at yahoo

May 12, 2020, 11:16 PM

Post #3 of 4 (507 views)

Permalink

Thanks a lot Dominic!!!!
-----Pedro
On Wednesday, May 13, 2020, 07:58:56 AM GMT+2, Dominic Raferd <dominic@timedicer.co.uk> wrote:

On Wed, 13 May 2020 at 06:27, Pedro David Marco <pedrod_marco@yahoo.com> wrote:
>
> Not a long time ago, there was an very interesting thread post about the idea of reverse
> check of the website content of sending IP...
>
> To my remember even a "spamassassiner" wrote a plugin for that.
>
> Honouring my terrible (lack of) brain, i cannot find those posts. Please can anyone help me to find them or point me to the plugin?

I believe the thread you are referring to is from Feb-Mar 2019 here:
http://spamassassin.1065346.n5.nabble.com/Spam-rule-for-HTTP-HTTPS-request-to-sender-s-root-domain-td154612.html

I was using the OP's suggested rule (which calls his server), but on
checking I see that it has not triggered since 1 October 2019, so I
have now turned it off; presumably he turned off his server facility a
long time ago. He provided the code to set up your own at
https://github.com/mikernet/HttpCheckDnsServer, but I have not tried
this.

Re: HTTP checks on sending IP [ In reply to ]

rwmaillists at googlemail

May 13, 2020, 3:01 PM

Post #4 of 4 (500 views)

Permalink

On Wed, 13 May 2020 06:16:27 +0000 (UTC)
Pedro David Marco wrote:

> I believe the thread you are referring to is from Feb-Mar 2019 here:
> http://spamassassin.1065346.n5.nabble.com/Spam-rule-for-HTTP-HTTPS-request-to-sender-s-root-domain-td154612.html
>
> I was using the OP's suggested rule (which calls his server), but on
> checking I see that it has not triggered since 1 October 2019

I didn't find it very useful. I think an early version did a
synchronous test on the first lookup for a domain, but that lead to
poor latency, and it could FP on a web server that was temporarily
down, so it became fully asynchronous. It wasn't possible to get a hit
until N minutes after the first lookup. I think N was dropped to 8
minutes after starting much higher.

I found it hit practically nothing on the original scan, but quite a
lot of spam on retesting. I don't think there was nearly enough spam
being tested against the list to support that kind of delayed
background listing.