Re: [exim] What's up ith the uceprotect blacklist?

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: W B Hacker
CC: exim users
Subject: Re: [exim] What's up ith the uceprotect blacklist?


W B Hacker wrote:
> At least at one time (I am NOT current) AOL, IIRC was 'claiming to' treat the
> connect-query-abort-without-traffic callout sequence as a probe and blacklisting
> the source. Dunno if they actually *did* do so, but we don't need to find out,
> so ..
>
> OTOH, any 'fixed base' spammer with 'proper' DNS entries, or a DynDNS resolver
> service, can easily configure so as to 'verify' any address queried, hosted or not.
>
> The majority of bogus 'senders' seem to come off of bogus servers, that do NOT
> have these credentials, so forward/reverse lookup, HELO mismatch, and dynamic-IP
> RBL hits - which are at least cached/cachable - are already a pretty good
> indicator.
>
> All manner of hits here are posted to .csv files and/or PgSQL DB table from
> which we generate our own 'recently rude' local BL - not of the whole world, but
> of the ones that have targeted *our* servers.
>
> YMMV,
>
> Bill
>
>


uceprotect is the only one I'm having trouble with now. Since Exim
caches results the callout load isn't unreasonable. Occasionally I need
to white list some servers to get around false positives. Sender
Verification done right is one of my best tools.