Szerző: Wakko Warner Dátum: Címzett: Richard Welty CC: Exim Users List Tárgy: Re: [Exim] exim HELO ack
> it depends on your circumstances. there's a sound reason to exclude > relay_hosts from the FQDN test at corporate sites where internal M$ hosts
> are likely using non-FQDNs when sending mail.
Agreed. At home I don't cater to M$ users. At work I have to and they are
excluded from many of my checks.
> once you make sure that you're not excluding legit hosts, i see no reason
> not to use drop at the earliest possible moment when you are reasonably
> certain you're dealing with a bad actor like a virus infested M$ box.
> likewise, if a host is listed in opm.blitzed.org or cbl.abuseat.org, it's
> almost certain to be a program that isn't going to care about the 5xx
> you're sending back, so you might as well detect and drop as early as
> possible.
1) blocking as soon as I can can save on bandwidth and processing time.
2) If doing #1 causes clients to see the failure as retryable, they are
dropped into a blacklist at my firewall. Usually I do that per host (rarely
per netblock) and the per hosts only stay blocked until I reboot the
firewall (like that actually happens =)
--
Lab tests show that use of micro$oft causes cancer in lab animals