[Exim] Blacklisting dynamic IP ranges versus dyndns.org

Top Page
This message is part of the following thread:
M---\the complete thread tree sorted by date
M...M 
M\M.MKevin P. Fleming at ->
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: [Exim] Blacklisting dynamic IP ranges versus dyndns.org
A topic that's come up a few times lately with us is how to accept
mail from 'good guys' who are registered with dyndns.org when their IP
is in a range that's otherwise blacklisted as a spam source.

Sure, if we know in advance who they're going to be, we could
whitelist them; but that wasn't my point.

The normal scenario would be that exim examines their IP, and finds
that it's blacklisted - in an RBL or by CIDR or by having a PTR lookup
of the, let's say, *.dsl.some-big-isp.example flavour which has
spammed us in the past. None of this directly shows up that this
particular caller happens to have a dyndns.org entry. And their PTR
entry does not help (as the dyndns.org web page also confirms).

From the log entry, one can typically see that they presented a
*.dyndns.org name in their HELO. There are some "good guys" in
there...

I don't see anything discussed in the mailing list archive about
strategies to handle this. Is it too new a situation, or am I missing
something?

One approach could seem to be to take the presented HELO name, note
that it's a *.dyndns.org pattern, look it up in the DNS, and verify
that it matches their IP...?

cheers (exim4 is the context).




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-RE: [Exim] Exim 4, virtual domains not using /etc/passwdRe: [Exim] Blacklisting dynamic IP ranges versus dyndns.org->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)