Re: [Exim] Re[2]: Demise of ORBZ

Top Page
Delete this message
Reply to this message
Author: Greg Ward
Date:  
To: exim-users
CC: Kevin Sindhu, Richard Welty
Subject: Re: [Exim] Re[2]: Demise of ORBZ
[Richard Welty mentions his list of spammer domains]
> http://www.krusty-motorsports.com/sender_reject, and could be fetched


Great idea to put this on the web. I maintain sender blacklists on
three servers, two running Exim and one qmail. Any time someone pisses
me off, I have to update /etc/exim/spammers on one machine,
/etc/exim/blocked_senders on another, and /etc/qmail/control/badmailfrom
on the third. It's a PITA, but worth it if I spot someone spamming
server #1 before they get to servers #2 and 3.

I wonder if it would be possible/practical to put this information in a
DNS-style blacklist. Eg. when an MTA receives

MAIL FROM:<spammer@???>

then it does a DNS query for some-string-derived-from
"spammer@???" against an "address blacklist" DNS zone, and then
for "jerks.net" against a "domain blacklist" DNS zone. If either
matches, boot the jerk out now. Same idea as Exim's sender_reject, but
with all the advantages of an IP address DNS blacklist. It could
probably work with Exim's "dnsdb" lookup method; dunno if other MTAs
would support it though.

Has anyone heard of something like this being tried?

        Greg
--
Greg Ward - software developer                gward@???
MEMS Exchange                            http://www.mems-exchange.org