Re: [exim] Whilelisting a single IP

Top Page
Delete this message
Reply to this message
Author: Bill Hacker
Date:  
To: exim
Subject: Re: [exim] Whilelisting a single IP
Marc Haber wrote:
> On Mon, 21 Nov 2005 10:04:23 -0600, "Roberto Salvatierra"
> <chuby@???> wrote:
>
>> deny    !hosts = natsp-43-netra20.ice.co.cr
>>         dnslists = relays.visi.com:bl.spamcop.net:relays.ordb.org:sbl-xbl.spa
>>         message = host is listed in $dnslist_domain

>
>
> Blocking on spamcop is a idea _so_ bad that even the spamcop operators
> (clueless as they are) recommend against doing so.
>
> Greetings
> Marc
>


On *that* we agree. ;-)

But it is not totally useless.

What 'works for me' is to separate the RBL callouts into at least two
grades of accuracy, then
load a (different) integer into a variable on each 'hit'.

The same variable has been incrementing on protocol errors since 'CONNECT'.

Towards the end of the run, the spamcop and sorbs numbers alone are just
short of my 'trigger' level, so an otherwise 'clean' submission whose
only sin is being on (a)dsl or having an odd <tld> can still pass to the
next stage, whereas a spamhaus hit alone could be death.

But *IF* there were also a couple of protocol violations, lookup
failure/ EHLO mismatch or such, the cumulative total *will*
hit the tripwire even on a low-priority spamcop hit.

Most of the nastier callers never even make it to the RBL check.

Bill