Re: [exim] slowing spammers with iptables -m recent

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Tony Godshall
Date:  
À: Alan J. Flavell
CC: Exim users list
Sujet: Re: [exim] slowing spammers with iptables -m recent
According to Alan J. Flavell,
> On Sun, 27 Nov 2005, Tony Godshall (replying to me):
>
> > > I'd recommend blocking patterns of dynamic/generic IP addresses at
> > > RCPT time, such as this adsl-63-195-120-242.dsl.snfc21.pacbell.net
> > > (wildcards or regexes can be useful, also there are dnsRBLs that you
> > > can use). Then you won't need to get as far as verifying their
> > > envelope sender domain.
> >
> > Oh, that one *is* a problem. I have a static ip myself, but
> > it's dhcp-configured by my cable company, quite likely in
> > the middle of a dynamic block. People who follow advice
> > like like yours are blocking legit people like me. Like
> > freakin Verizon does.
>
> Well, I'm sorry, but your categorisation of "legit" is unfortunate:
> the truth is that you're going to find increasing numbers of potential
> recipients who will refuse mail on that basis, no matter how "legit"
> you consider yourself to be.

...

> For a free-er exchange of mail, you should be using a reliable
> smarthost (assuming that you are unable to get your own IP address
> "properly" registered to the satisfaction of the mail admin
> community). That's just the way that things are - irrespective of
> what I might think or say personally about the matter.

...

Well, it is in DNS and it does have SPF records. I guess I'll
go dig up the specifics to your vague recommendation if it
becomes a problem beyond just the one ISP. Thanks for the
pointer, though.

It's just a form of social darwinism, I guess. I know of at
least two Verizon customers who have moved their e-mail off
the Verizon servers because of overly agressive blocking.
It's a good thing for Verizon for now (reduces their mail
load by a tiny tiny fraction) but it also means these people
now have more mobility- they can change ISP without having
to change e-mail addresses again. ISPs who block to
agressively will lose customers and those who accept too
much will also lose customers. It's a tricky balance, I'm
sure.

T