Re: [exim] 2nd Stage DNS blocking

Author: Always Learning
Date:  
To: Exim
Subject: Re: [exim] 2nd Stage DNS blocking

Jasen Betts <jasen@???> wrote:-

> Honest users will be sending through a smarthost, so probably an 'a'
> in the 'by' clause unless they have some other arrangement with the
> smarthost, or the smarthost has a broken by clause.
> For this reason checking foreign received headers is a bad idea.


I check:-

SMTP To - if it is not our domain or not a known user, it is refused.
We don't send emails to ourselves either, so FROM = TO is refused too.

SMTP sending IP's host name and whether it resolves to the sending IP address.

HELO/EHLO and whether it resolves to the sending IP address.

If the sending host name is on the hosts.amateur.spammers or
hosts.professional.spammers lists it is rejected.

> As received headers can trivially be forged, they are unsuited
> to use in whitelisting.


Don't examine the Received headers.

Seldom use whitelisting.

> > Because mail admins, like me for example, are unhappy at the vast
> > amount of spam originating from ranges of dynamic IP addresses.
> > After a while, we block hosts like


> You could just do what bt-internet does, and blacklist everyone, and
> only whitelist on request, but that may require additional staff....


BT often can't give a valid EHLO and when they do, it usually relates to
the wrong IP address.

There are two types of BT (British Telecommunications) Internet -
resale and wholesale. Wholesale is generally good. Retail is crap so I
avoided it all the time from about 1992. BT retail Internet is just like
Windoze - ugh ! The installation branch of BT, Openreach, has poor
organisation. It will be legally separated from BT (floated-off).

Our existing Exim defences function well. The whole system is so
reliable that little effort is required to enjoy a virtually spam-free
environment.


--
Regards,

Paul.
England, EU.      England's place is in the European Union.
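
The SMTP-time checks listed in the message above, in the order given, as an added Python sketch; it is not code from the post or from Exim. The DNS tables, addresses, mailbox names and the glob format of the host list are constructed assumptions, and the resolver is passed in so the logic runs offline.

```python
import fnmatch

# Constructed sample data (documentation address ranges and reserved names).
PTR = {"192.0.2.10": ["mail.example.org"],
       "192.0.2.20": ["dyn-20.pool.example.net"],
       "192.0.2.30": ["mx.example.com"]}
A = {"mail.example.org": ["192.0.2.10"],
     "dyn-20.pool.example.net": ["192.0.2.20"],
     "mx.example.com": ["198.51.100.9"]}      # PTR and A disagree
LOCAL_USERS = {"paul@ourdomain.example"}       # hypothetical local mailbox
BLOCKED_HOSTS = ["*.pool.example.net"]         # assumed glob-style host list

def evaluate(session, local_users, blocked, ptr, a):
    """Return (accepted, reason). ptr(ip) -> names, a(name) -> IPs."""
    sender = session["mail_from"].lower()
    rcpt = session["rcpt_to"].lower()
    ip, helo = session["ip"], session["helo"].lower().rstrip(".")
    # 1. Recipient must be a known user in our own domain.
    if rcpt not in local_users:
        return False, "recipient not local or unknown"
    # 2. We never mail ourselves, so FROM == TO is refused.
    if sender == rcpt:
        return False, "sender equals recipient"
    # 3. Forward-confirmed reverse DNS: a PTR name must resolve back to the IP.
    names = [n.lower().rstrip(".") for n in ptr(ip)]
    confirmed = [n for n in names if ip in a(n)]
    if not confirmed:
        return False, "host name missing or does not resolve to sending IP"
    # 4. The HELO/EHLO name must also resolve to the sending IP.
    if ip not in a(helo):
        return False, "HELO does not resolve to sending IP"
    # 5. Confirmed host name must not be on a spammer host list.
    for name in confirmed:
        if any(fnmatch.fnmatch(name, pat) for pat in blocked):
            return False, "host on spammer list"
    return True, "accepted"

def check(ip, helo, mail_from, rcpt_to):
    """Run evaluate() against the constructed tables above."""
    session = {"ip": ip, "helo": helo,
               "mail_from": mail_from, "rcpt_to": rcpt_to}
    return evaluate(session, LOCAL_USERS, BLOCKED_HOSTS,
                    lambda i: PTR.get(i, []), lambda n: A.get(n, []))

if __name__ == "__main__":
    print(check("192.0.2.10", "mail.example.org",
                "alice@example.org", "paul@ourdomain.example"))
```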