All, thanks for the input and comment. In summary, I will block TCP port 25. My DNS loadbalancer (F5) can filter MX query and need license to do it. But given the information the botnet use address list with pre-resolved IP addresses then blocking MX query is not the answer :-)
Thanks & Regards Ibrahim On Wed, Sep 5, 2012 at 9:18 AM, George Herbert <george.herb...@gmail.com>wrote: > > > > On Sep 4, 2012, at 12:07 PM, William Herrin <b...@herrin.us> wrote: > > > You are. You should be doing SMTP Auth to *your* email server on which > > you have an authorized account and then letting it relay your messages > > to the world. > > > This is not the thread for this conversation per se. The practicality of > general ISP 25 blocking is established for antispam purposes. So are power > users running home domains. Different user profiles. Different > circumstances. > > > George William Herbert > Sent from my iPhone >
