Re: [exim] Innovative Host Blacklisting Idea

Renaud Allard wrote:
> Marc Perkel wrote:
>
>
>>>
>>>
>> It's been running for about 7 hours now and I've added about 15% to the
>> size of my blacklist. I've been looking up some of these IPs on dnsstuff
>> and about 1/2 of them aren't listed anywhere else. I've has 145152 hits
>> on it in the las 7 hours.
>>
>> One think to keep in mind is that it's a low CPU cost to detect spam
>> bots as compared to running it through spamassassin which is the more
>> common method and I think this is going to be 100% accurate for the
>> hosts it collects. And it's going to be faster at detecting spambots. I
>> think that if this data were fed from many big sources that spambots
>> could be detected much faster.
>>
>> Also - this is powering my public hostkarma blacklist so it's an early
>> warning for those who are using it. I'm getting bots listed far faster
>> than spamhaus.
>>
>
> Now, suppose that I am a mail administrator having some problems to
> deliver mails to @perkel.com. If I try to telnet from my mailserver to
> your listed MX on port 25 to try to diagnose the problem, will you
> blacklist my legitimate mailserver because I connected to your fake MX?
>

Only if you start with the highest numbered MX records and connect 25
times in a 3 day period.