On 10 Jul 2011, at 21:34, Emmanuel Noobadmin wrote:
> On 7/11/11, Jeff Lasman <blists@???> wrote:
>> I'm strongly considering automating taking all these IP#s and creating my
>> own
>> local DNS-based blocklist to run all company incoming email through, before
>> checking other blocklists.
>>
>> Any opinions on that?
>
> The first thing that came to mind is that plenty of the spam might
> come from compromised but otherwise legit machines on dynamic IPs.
Ooh, the legitimacy of a mail server on a dynamic IP is pretty low already. When it's compromised, I don't think it has much legitimacy left!
> So blocking by IP would first block legit mails from the user of the
> compromised machine and secondly a wholly innocent user who simply was
> the next in line to get assigned the IP by the ISP.
Well, this might just encourage the owner of the compromised machine to tidy it up, and the "innocent user" to make proper arrangements to get a fixed IP address.
I don't think the world needs to pay much attention to senders who can't keep some kind of stable identity for their mail stream. Given that IP address is the most common key into email stream reputation services, a fixed IP address really is essential for mail deliverability. It probably has been since the widespread adoption of DNSBL services.
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
