Re: [exim] Spam filtering of blacklisted name serers

Top Page
Delete this message
Reply to this message
Author: Mike Cardwell
Date:  
To: Exim Mailing List
Subject: Re: [exim] Spam filtering of blacklisted name serers
Marc Perkel wrote:

> I'm having luck looking up the name servers of the sending host to see
> if it's blacklisted
>
>     set acl_c_ns = ${lookup 
> dnsdb{>;ns=$acl_c_sender_host_domain}{$value}fail}
>     dnslists=hostkarma.junkemailfilter.com=127.0.0.2/<;$acl_c_ns

>
> In this case $acl_c_sender_host_domain is the registry barrier pary of
> the host name (ie example.com)
>
> Anyhow - my point - it's catching a lot of spam especially from new
> domains just registered. Something worth exploring.


But how accurate is it? What is the logic behind doing that? If you
block an email randomly, there's something like a 90% chance it was
going to be spam anyway. That doesn't mean you should block email randomly.

On http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists it says you
should whitelist email using the configuration:

accept dnslists = hostkarma.junkemailfilter.com=127.0.0.1/$sender_host_name

Well ...

root@haven:~# host -t a 
wibble.pipex.net.hostkarma.junkemailfilter.com|grep 127.0.0.1
wibble.pipex.net.hostkarma.junkemailfilter.com  A       127.0.0.1
root@haven:~#


It seems that any host with valid RDNS of *.pipex.net is in your
whitelist. Who knows what else lurks in your lists. Any chance of
publishing the list data?

Mike