Re: [exim] IPs which spam for many, many, domains

Top Pagina
Delete this message
Reply to this message
Auteur: Tony Finch
Datum:  
Aan: Alan J. Flavell
CC: Exim users list
Onderwerp: Re: [exim] IPs which spam for many, many, domains
On Tue, 16 Aug 2005, Alan J. Flavell wrote:
>
> So I'm looking for a some way to disambiguate these reports. If we
> stay with the same mechanism, I suppose we can insert an extra router
> before the unknown_domains, which is only activated for IP entries in
> the ignore_spammers list, and produces a more-appropriate error
> report.
>
> But maybe someone has a better approach than this to dealing with the
> original problem, namely the conveyer belt of thousands of spamming
> domains which all resolve to IP address(es) which are under control of
> the spammer...?


I have wondered if ignore_target_hosts is generally the right approach -
perhaps something deliberately more brittle would be better in some cases.
It might be worth augmenting the dnslookup router so that it recognizes
two kinds of bad MX records: the ignorant (for which ignore_target_hosts
does the right thing) and the abusive. For the latter we could have a
reject_target_hosts option, perhaps with a reject_target_hosts_message
which would be used like cannot_route_message.

In order to do this without source changes, I think you'd have to use the
dnsdb lookup. I suspect it would be fiddly.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}