Re: [exim] Blocking Users with No Reverse DNS

Top Page
Delete this message
Reply to this message
Author: Jethro R Binks
Date:  
To: exim-users
Subject: Re: [exim] Blocking Users with No Reverse DNS
On Tue, 6 Nov 2007, Michael Haardt wrote:

> All in all, it is absolutely worth the hassle. For me, it catches 1/3
> up to 1/2 of all spam at minimal cost.


And don't forget that mail you don't want to receive will likely match
several of your ACL checks. So if refusal on the basis on no or
mismatched DNS makes you a little nervous, put the check after other
checks you are already happy to use, such as DNSBLs, HELO checks, RCPT
checks, local blocklists/whitelists and so on, so that 'suspicious' mail
already has a chance to fail for other reasons.

I found putting a refusal based on no/mismatched DNS early on caught lots
and lots of stuff (that would probably later be caught be DNSBLs etc).
Putting it towards the end it was much quieter, and much easier to monitor
for likely 'false positives' (in the sense that it was mail we would
probably have wanted to accept had DNS been consistent, not obviously spam
anyway).

Or you could combine the check with other checks that make you a bit
nervous, in the hope that a message matching several anomalies all at once
is probably not worth accepting.

Or mark it and pass it on to SpamAssassin for more prejudicial scoring.

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK