Re: [exim] 2nd Stage DNS blocking

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Always Learning
Data:  
Para: Exim
Asunto: Re: [exim] 2nd Stage DNS blocking

Jasen Betts <jasen@???> wrote:-

> Honest users will be sending through a smarthost, so probably an 'a'
> in the 'by' clause unless they have some other arrangement with the
> smarthost, or the smarthost has a broken by clause.
> For this reason checking foreign received headers is a bad idea.


I check:-

SMTP To - if it is not our domain or not a known user, it is refused.
We don't send emails to ourselves either, so FROM = TO is refused too.

SMTP sending IP's host name and whether it resolves to the sending IP address.

HELO/EHLO and whether it resolves to the sending IP address.

If the sending host name is on the hosts.amateur.spammers or
hosts.professional.spammers lists it is rejected.

> As received headers can trivially be forged, they are unsuited
> to use in whitelisting.


Don't examine the Received headers.

Seldom use whitelisting.

> > Because mail admins, like me for example, are unhappy at the vast
> > amount of spam originating from ranges of dynamic IP addresses.
> > After a while, we block hosts like


> You could just do what bt-internet does, and blacklist everyone, and
> only whitelist on request, but that may require additional staff....


BT often can't give a valid EHLO and when they do, it usually relates to
the wrong IP address.

There are two types of BT (British Telecommunications) Internet -
resale and wholesale. Wholesale is generally good. Retail is crap so I
avoided all the time from about 1992. BT retail Internet is just like
Windoze - ugh ! The installation branch of BT, Openreach, has poor
organisation. It will be legally separated from BT (floated-off).

Our existing Exim defences function well. The whole system is so
reliable that little effort is required to enjoy a virtually spam-free
environment.


--
Regards,

Paul.
England, EU.      England's place is in the European Union.