Autor: Slavko Data: A: exim-users Assumpte: Re: [exim] Closing off Port to non-SSL traffic
Dňa 24. júna 2022 9:14:41 UTC používateľ Kirill Miazine via Exim-users <exim-users@???> napísal:
>I've found AuthBL from Spamhaus and Abusix to be very useful.
AFAIK Spamhaus's AuthBL is about hosts, which uses stolen credentials
(to send SPAM), not those attacking AUTH. While i use it in rsdpamd and MX,
only very small part of mentioned IPs is/was on it... I even stop to use its
XBL for AUTH due too many false positives, mostly due end user's IP change
(e.g. Deutche mobile users). It tooks about 2 days to XBL's time out on
Spamhaus side and this repeats after next IP change...
BTW Spamhaus itself suggests to not use XBL for end users filtering and
AurhBL is XBL subset...
>I tend to make my MUAs say "EHLO there" or "EHLO world" :)
MUAs uses strange EHLOs often and it is not problem, as MUAs are not
expected to direct connect to MXes. The port 25 is resrved for MTA - MTA
communication for long time. If you do it, please do not suggest this to
anyone other nowadays...