For a while I tried a local black-list based on the senders of bounced emails. It was deployed using "check_sender_access <filename>".
Using the whole email address didn't work - I never sawthe same sender twice; and using just the domain part gave me more false positives than true. A more targeted list, containing PROVEN dud domains and reserved TLDs - example.com or invalid.net - might have more success. I haven't given up on the idea completely. :-) Not quite what you asked - but it might help to explain Allen C On 03/08/17 10:07, Martin Jiřička wrote: > Hi, > > why there is no `reject_rbl_sender` restriction? It probably does not > make so much sense as `reject_rbl_client`, but it would help me in my > spam battle. Quite a lot of emails come from servers not listed inside > Spamhause blacklists, but sender's domain points to blacklisted IP. > > For example yesterday came email from: Jaromil > <jaromilbfc3...@spplalru.com> from client: bounce.countrcultur.com > [66.45.255.215] > > Client is not blacklisted under Spamhaus, but lets have a look in more > detail to sender. > > # Domain is not listed: >> host spplalru.com.dbl.spamhaus.org > Host spplalru.com.dbl.spamhaus.org not found: 3(NXDOMAIN) > > # Check for IP: >> host spplalru.com > spplalru.com has address 185.140.110.3 > > # But the domain point on blacklisted server! >> host 3.110.140.185.zen.spamhaus.org > 3.110.140.185.zen.spamhaus.org has address 127.0.0.2 > > > And this is not a unique case! In fact most of spam that pass my > anti-spam setting would be filtered with such restriction according > sender domain. Maybe it is more problem of Spamhaus and its list > synchronization, I do not know. > > Or is there any fundamental reason why rejecting emails according > sender's domain IP is not a good idea? > > > My best wishes, > Martin Jiřička >
