Re: [Exim] exim HELO ack

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMExim Users List at <-
MMWakko Warner at ->
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Richard Welty
CC: Exim Users List
Subject: Re: [Exim] exim HELO ack
> it depends on your circumstances. there's a sound reason to exclude
> relay_hosts from the FQDN test at corporate sites where internal M$ hosts
> are likely using non-FQDNs when sending mail.

Agreed. At home I don't cater to M$ users. At work I have to and they are
excluded from many of my checks.

> once you make sure that you're not excluding legit hosts, i see no reason
> not to use drop at the earliest possible moment when you are reasonably
> certain you're dealing with a bad actor like a virus infested M$ box.
> likewise, if a host is listed in opm.blitzed.org or cbl.abuseat.org, it's
> almost certain to be a program that isn't going to care about the 5xx
> you're sending back, so you might as well detect and drop as early as
> possible.

1) blocking as soon as I can can save on bandwidth and processing time.
2) If doing #1 causes clients to see the failure as retryable, they are
dropped into a blacklist at my firewall. Usually I do that per host (rarely
per netblock) and the per hosts only stay blocked until I reboot the
firewall (like that actually happens =)

--
Lab tests show that use of micro$oft causes cancer in lab animals


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re[2]: [Exim] exim HELO ackRe: Re[2]: [Exim] exim HELO ack->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)