Re: [Exim] Using ACLs to verify RCPT TO

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Tony Finch at <-
MMGiuliano Gavazzi at ->
Delete this message
Reply to this message
Author: Tim Jackson
Date:  
To: exim-users
Subject: Re: [Exim] Using ACLs to verify RCPT TO
Hi Tony, on Thu, 01 Jan 2004 15:33:18 +0000 you wrote:

> Alan Flavell:
> >I'd rather tell them that they are blacklisted
> >(whether by local blacklists or RBLs) than assist them in their
> >trawling expeditions by handing out information on the (non-)existence
> >of particular local parts.
> It's a very bad idea to accept email for invalid addresses,

I think what Alan was getting at was not that it's good to accept invalid
addresses, but rather to check DNSBLs *before* checking the recipient
validity (rather than the other way round, as was suggested), on the basis
that it prevents spammers who are listed in a blacklist from checking
lists of users.

I've pondered the two options myself, and have never really decided the
best course: checking the DNS lists first may obviously cause some extra
load (depending on the relative 'cost' of a DNS/blacklist lookup as
opposed to a local recipient lookup on your system). But on the other hand
it does prevent known spammers doing dictionary-list lookups and getting
useful results.

Tim


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Using ACLs to verify RCPT TORe: [Exim] Using ACLs to verify RCPT TO->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)