Author: W B Hacker Date: To: exim users Subject: Re: [exim] SORBS
Chris Lear wrote: > * Chris Lightfoot wrote (10/11/06 11:12):
>> On Thu, Nov 09, 2006 at 08:44:38PM -0000, Hill Ruyter wrote:
>>> But does that really mean I should not be allowed to have a mail server ?
>>> or rather does that mean I should therefore be classed as a second class
>>> SMTP Citizen
>>> because I have struck a particular deal with my ISP ?
>> yes, according to the enthusiasts for these lists.
>>
>
> Those enthusiasts would advise that you use your ISP's mail relay as a
> smarthost for outgoing mail. You haven't said whether that's a
> possibility, but assuming it is, it will fix your problem. [It's what I do].
>
> But this story does add some weight to Chris' crusade against denying
> based on blacklists.
>
> Chris
>
Perhaps so. An RBL can be wrong, out of date, or simply inappropriate.
But the RFC supports denying based on rDNS fail, so no RBL needed if the
arriving IP has no PTR and the HELO is either not a fqdn at all, or is a fqdn
that belongs to other-than (at least) the same <domain>.<tld> as the connection IP.
Witness the massive attempts to forge major-ISP HELO (which will resolve) when a
spambot is actually arriving from a compromised WinBox in a residential adsl
pool (some of which now ALSO 'resolve' - witness /24's assigned to a PTR).
Sorry... many of us cannot *afford* the 'be generous in what you accept..'
approach any longer on that score.
There are just too many such arrivals, and too few 'unintentional' violaters
among them.
Best we can do is delay hard-denial until we can check manual and auto
whitelists, and be willing to 'make a hole' for known correspondents on BL'ed
networks.
Even that is a fiddle.
There isn't much lacking in the RFC's.
What is lacking is recognition that we need to apply them.