Re: [exim] Spam Blocking idea

Pàgina inicial
Delete this message
Reply to this message
Autor: Eli Sand
Data:  
A: exim-users
Assumpte: Re: [exim] Spam Blocking idea
> Consider this. Suppose a host send email and their helo matches the
> host
> RDNS, and I store that. Then later a different host uses the same helo,
> but they have no RDNS or that are on a dynamic IP. Wouldn't that be a
> strong indicator of spam?


Consider a mail host provider that provides email to many different
hosts/clients, which is set to HELO with the hostname of the client it's
sending email out as (sure, you may argue it's not proper, but people may do
it). You would end up thinking this server (or cluster of servers) is
sending spam.

Consider a cluster of mail servers behind a load balancer that balances
outbound as well as inbound on one IP. Technically each server should HELO
under their actual names (could be local - I don't believe RFCs state it
must be a valid public hostname), but they would send email out under one
common IP. You'd block this as well.

I've recently started using a new domain name for email and I have not
changed my Exim config in about a year dealing with spam filtering. I
hardly receive any (actually, I can't really remember the last time I had
spam in my inbox come to think of it) spam these days. I used to receive
tons of spam on my old domain name, and no filtering techniques changed
since then, so the amount of spam I get must be due to something with the
domain name... Perhaps you should tell your clients to a) stop using their
email address everywhere that has a "enter your email address!" (or use
temporary accounts for those reasons), b) if the registrar supports it, hide
registrar info and kill the contact address. I give you this tiny story
because I'm surprised that you, still, have to try and think up new ways to
block potential spam. I'm certain you've thought of everything and are
probably grabbing air in hopes to come up with something new. Perhaps it's
just up to your clients now to utilize their email with caution instead of
assuming your servers will shield them from the ugly side of the Internet.

Eli.