Re: [Exim] forgery protection ACLs

Góra strony
Delete this message
Reply to this message
Autor: Odhiambo G. Washington
Data:  
Dla: exim-users
Temat: Re: [Exim] forgery protection ACLs
--
* Richard Welty <rwelty@???> [20031209 09:26]: wrote:
> well, i installed one of the recommended forgery protection ACLs,
> only to get the following:
>
> 2003-12-09 07:10:02 H=[64.4.47.24] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.47.24
> 2003-12-09 07:10:09 H=[64.4.8.80] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.8.80
> 2003-12-09 07:10:21 H=[64.4.15.109] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.15.109
> 2003-12-09 07:11:57 H=[64.4.8.84] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.8.84
> 2003-12-09 07:12:07 H=[64.4.8.87] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.8.87
> 2003-12-09 07:13:26 H=[64.4.14.15] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.14.15
> 2003-12-09 07:15:06 H=[64.4.9.68] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.9.68
> 2003-12-09 07:16:00 H=[64.4.23.114] temporarily rejected EHLO or HELO hotmail.com: Access temporarily denied. Resolve failed PTR for 64.4.23.114
>
> which would be fine, except that 64.4.0.0/18 does actually belong
> to hotmail according to whois records.
>
> so for those who have used these acls for a while, is this config
> blowing off legit hotmail users, or is it ok to ignore email from
> hotmail IPs w/o rDNS?



I noticed a similar situation here yesterday and I know the rule
involved. What I am wondering is why the IP I tested (the ones
that we rejected by this rule) all didn't seem to accept connections
to port 25 (as mail servers). Perhaps some firewalling/config that
makes them "outgoing" only?

Besides that, I am also asking the same question you are asking.



        cheers
       - wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
                         --from a /. post
--
[ Content of type application/x-pkcs7-signature deleted ]
--