Re: [Exim] envelope-sender blacklisting - thoughts?

On Tue, 13 Apr 2004, Andrew - Supernews wrote:

> Any particular professional spammer?

I could name a couple that showed up, but the purpose of the posting
was more to discuss the technical principle, than to stir the
trolls...

> It would be possible to do this in ACLs if only the dnsdb lookup could
> be fixed to behave in a controllable manner on deferrals. (It's
> possible to do it anyway, but at the cost of permanently deferring all
> mail from sites with certain types of DNS problems.)

Well, if a site's DNS problems mean that they can't get mail from us,
then - with few exceptions - we don't really want to accept mail from
them (except perhaps for our postmaster/abuse addresses). That's true
of verify=sender (which we do by default) as much as for
verify=sender/callout (which we do for domains that we have
specifically listed for that).

If we spot ongoing defers taking place as a result of either of those
clauses, then, for the few sites we want to be specially nice to, we
whitelist them, while for the rest we put them into an "unreachable
domains" file, causing them to get a prompt failure in the ACL
thereafter, until we can confirm that their problem is resolved.

I don't think the ACL situation would be fundamentally different, but
probably I'm missing something? Wouldn't be the first time today ;-}

Anyhow, as I said in my original posting, I've tentatively added a
couple of IP ranges listed in SPEWS/SBL which were causing a nuisance,
to our ignore_target_hosts clause. The one problem with this is that
it's hard to see where it has triggered, since the log shows just the
same report as it would for a non-existent domain, i.e in effect the
lookuphost router pretends that the relevant spammers' domains don't
exist.