Re: [exim] Integrating URI Blacklists into Exim

Top Page
Delete this message
Reply to this message
Author: Dave Lugo
Date:  
To: exim-users
Subject: Re: [exim] Integrating URI Blacklists into Exim
On Thu, 18 May 2006, Marc Perkel wrote:
> > I'm glad it helps you, but for the folks[1] with domains that
> > are heavily forged by spammers, the callbacks themselves are
> > a additional DoS they have to deal with.
> >
> > [1] not me, but others I know.
> >
>
> Not if it's done right. Exim caches results avoiding repeated calls. And
> I do a trick with dictionary attacks where I will return a DEFER on an
> IP address for a 5 minute period if they commit certian sins that get
> their IP on my 5 minute defer lists.
>


(no cc needed, thanks)

I'm not saying don't do callbacks, but while your idea isn't a
bad one, it may not help much when you're dealing with a spammer
with thousands of compromised boxes they're sending through.

For smallish receivers doing the callbacks, this really isn't
that big a deal (at least imho). The case I'm thinking about
was one large provider's setup beating up a domain that had
literally a handful of legit Rcpt_Tos.

-- 
--------------------------------------------------------
Dave Lugo   dlugo@???    LC Unit #260   TINLC
Have you hugged your firewall today?   No spam, thanks.
--------------------------------------------------------
Are you the police?  . . . .  No ma'am, we're sysadmins.