[Exim] Blacklisting dynamic IP ranges versus dyndns.org

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: [Exim] Blacklisting dynamic IP ranges versus dyndns.org
A topic that's come up a few times lately with us is how to accept
mail from 'good guys' who are registered with dyndns.org when their IP
is in a range that's otherwise blacklisted as a spam source.

Sure, if we know in advance who they're going to be, we could
whitelist them; but that wasn't my point.

The normal scenario would be that exim examines their IP, and finds
that it's blacklisted - in an RBL or by CIDR or by having a PTR lookup
of the, let's say, *.dsl.some-big-isp.example flavour which has
spammed us in the past. None of this directly shows up that this
particular caller happens to have a dyndns.org entry. And their PTR
entry does not help (as the dyndns.org web page also confirms).

From the log entry, one can typically see that they presented a
*.dyndns.org name in their HELO. There are some "good guys" in
there...

I don't see anything discussed in the mailing list archive about
strategies to handle this. Is it too new a situation, or am I missing
something?

One approach could seem to be to take the presented HELO name, note
that it's a *.dyndns.org pattern, look it up in the DNS, and verify
that it matches their IP...?

cheers (exim4 is the context).