Re: [exim] Unusual DNS Lists available

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Michelle Konzack
Data:  
Para: exim-users
Assunto: Re: [exim] Unusual DNS Lists available
Hi Marc,

Am 2008-05-27 08:22:35, schrieb Marc Perkel:
> dig perkel.com.rb.junkemailfilter.com         - returns 127.0.0.1
> dig perkel.co.uk.rb.junkemailfilter.com       - returns 127.0.0.2
> dig perkel.state.ca.us.rb.junkemailfilter.com - returns 127.0.0.3


Hmm are you think, this lookup is faster then a local check?

>     Free Mail Domains List

>
> These are a list of host names of provider of free email accounts that
> are often used for fraud scams. The list includes names like yahoo.com,
> hotmail.com, gmail.com. This is not a block list. It is used to
> determine if the account used comes from a freemail provider.
>
> Usage:
>
> dig yahoo.com.freemaildomains.junkemailfilter.com


May be usefull. How many FREMAIL DOMAINS are already listet?
My own list has arround 73 from which I get regulary spam.

> For example. Spammers sometimes send email from a hotmail.com account
> and have the reply-to set to a gmail.com account. That way when the
> sender gets shut down for spamming the reply-to still works.


...and <gmail.com> will never take action against
them and they can continue to spam the world!

I HATE GMAIL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Arround 1400 indirect GMAIL spams per day in my
(old) mailbox are too much!!

> Here's an example of an Exim rule to block this.
>
> # Freemail Tests
>
> warn    dnslists = freemaildomains.junkemailfilter.com/${domain:${lc:$h_From:}}
>     add_header = X-Freemail-From: ${domain:${lc:$h_From:}}
>     set acl_c_freemail = yes
>     set acl_c_freemail_from = ${domain:${lc:$h_From:}}

>     
> warn    dnslists = freemaildomains.junkemailfilter.com/${domain:${lc:$h_Reply-to:}}
>     add_header = X-Freemail-Reply-to: ${domain:${lc:$h_Reply-to:}}
>     set acl_c_freemail = yes
>     set acl_c_freemail_reply = ${domain:${lc:$h_Reply-to:}}

>
> deny    condition = ${if def:acl_c_freemail}
>     condition = ${if eq{$sender_host_name}{}}

>
> deny    condition = ${if def:acl_c_freemail_reply}
>     condition = ${if def:acl_c_freemail_from}
>     !condition = ${if eqi{${local_part:$h_From:}@${domain:$h_From:}} \
>         {${local_part:$h_Reply-to:}@${domain:$h_Reply-to:}}}


I will try this out and thest if it is faster then my local list...

>     ISP Hosts List

>
> The ISP list are domains that provide DSL or cable modem access to end
> users. We use the list internally as an exclusion list when we test for
> conditions excepting ISPs. This list is generated by using the registry
> barrier of hosts that are classified as dynamic IP ranges. We don't know
> how useful this list is to you but if you find a good use for it let us
> know.
>
> dig comcast.com.isphosts.junkemailfilter.com


Many ISPs offer fixed IPs including VALID reverse lookups
but they give them IPs from there dynamic pool...

So this list will hit MANY innocent users.

Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant



-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
Michelle Konzack   Apt. 917                  ICQ #328449886
+49/177/9351947    50, rue de Soultz         MSN LinuxMichi
+33/6/61925193     67100 Strasbourg/France   IRC #Debian (irc.icq.com)