Author: Ian Eiloart Date: To: Ted Cooper CC: <exim-users@exim.org> Subject: Re: [exim] Gmail's new 'suspicious sender' flag
On 11 Jul 2011, at 12:21, Ted Cooper wrote:
> On 11/07/11 20:11, Emmanuel Noobadmin wrote:
>> On 7/11/11, Ian Eiloart <iane@???> wrote:
>>> Ooh, the legitimacy of a mail server on a dynamic IP is pretty low already.
>>> When it's compromised, I don't think it has much legitimacy left!
>>
>> I wasn't thinking so much of mail servers on dynamic IP but spam sent
>> through valid mail servers such as an ISP from a compromised client,
>> or a spammer using the same ISP sending spam on a dynamic connection.
>>
>> This comes from experiences where my clients' intended recipient
>> running Barracuda rejects emails because the dynamic ADSL IP in
>> question (specifically pointed out in the bounce) was apparently
>> detected to be spamming some time ago.
>
> That's deep header inspection then - you shouldn't normally reject mail
> because the 2nd or 3rd level of received headers is listed in a DNS
> block list. That is a common mis-configuration of Barracuda appliances.
> It means that innocent users of an ISP that has been good and listed all
> their non-mail blocks in the Spamhaus PBL (for example) are falsely
> rejected.
>
> Many a bad word has been uttered around the world upon discovering email
> being rejected by one of those systems.
Yes, I've seen this. If they're detecting IP addresses in the PBL, that would be very bad. It's bad enough if you've just acquired a previously abused IP address - but at least there's a little justification there.
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
