Autor: Christian Schmidt Data: A: exim-users Assumpte: Re: [exim] Port Tests to Verify the Sending Hosts
Hello Marc,
Marc Perkel, 07.03.2005 (d.m.y):
> I don't think anyone would disagree that a host that has port 465 open
> is more likely not to be a spammer.
IMO you can't derive that from a (non)open port 465.
Each host may be configured in an individual way, serving this on port
x and that on port y.
> We are also running blacklist tests against the host IP and I am doing
> DNS lookups for the nameservers of the class C range of the revers DNS
> to get a fingerprint about who is hosting the potential spammer.
>
> So - the more general question is - are there tests that we can do on
> the connecting host that would provide useful information to determin if
> they are a spammer or not a spammer.
Well, you've already mentioned a lot of tests that can be run
"against" the sending host (indirectly via DNS, RBL etc.), and I don't
think that there is any simple way to judge from open ports if the
server is used by spammers or not.
Regards,
Christian Schmidt
--
Besser ein "Original" als ein Clo(w)n.