Re: [exim] [OT] How not to filter email

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim-users
Subject: Re: [exim] [OT] How not to filter email
Ted Cooper wrote:
> I've recently had a very interesting spam investigation involving the
> ISP of a small business connection running an Exim server.


*snip* (full detail in the archives)

Ted,

Not so 'OT at all. Just one more in a series of oftimes vexing overzealousness,
and one for which I was grateful to see the specifics researched.

However...

I'd suggest not using that RBL as a 'hard reject', but rather to merely add
'demerits' as part of a point-score. IOW - if the connecting host is in the RBL
BUT does 'everything else' - or at least the important stuff - as they should,
I'd do no more than (maybe) flag the traffic as 'Suspect'.

In practice, we don't need to do even that here, as a 'real' backscatter would
probably be blocked by earlier rules, an 'accidental' backscatter rendered
harmless, and the chronically-errant locally LBL'ed. Perhaps 'forever'.

Which saves yet-another RBL lookup...

YMMV, but I believe that it can be 'fixed' at your end more reliably than at
their end, if only because the supply of external fools will always exceed that
of local experts...

;-)

Bill