Matt, Thanks for the clarification - it explains a few things.
The reason for all this is because I provide "out-sourced" email services to people who are willing to pay for added features like Spam and Virus filtering. Most of my clients connect to the internet via DSL or Cable (Comcast). We then reconfigure their outlook client to use my POP and SMPT server. This would explain why all my Comcast clients are testing positive for DYNABLOCK. Their client IP is something like 68.80.102/24 and then they relay through SMTP:64.239.136/24 Given your info, I am still confused why this test is in SA with a significant score. Tons of people legitimately relay to mails hosts that are off their network: - people who use a third party hosting company for @theirdomain.com email - ISP's who resell Verizon etc.,. DSL services and then uses their own mail/dns/web servers. For example, www.kauailink.net - I setup their SA stuff and they support DSL clients that they bill, even though they don't own/run the DSL network - they just resell. I just don't understand why this test is significant. Especially with the release of 2.60 it seems there are more and more RBL's. Its tough to keep track of what does what, and how significant each one is in reality. -John -----Original Message----- From: Matt Kettler [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2003 11:21 AM To: VonEssen, John; [EMAIL PROTECTED] Subject: Re: [SAtalk] dynablock confusion... First, most of your message has a lot of misconceptions about dynablock, and SA's use of it. It's also very long so, I'm just going to leave it out, and reply to your points of confusion free-form. Dynablock does not block spamsources. It lists the IPs of dialups, cablemodems, and DSL, regardless of wether or not they've sent spam before or not. Period. See http://basic.wirehub.nl/dynablocker.html The purpose of dynablock is to block those users who do not send mail via their relay. It is not intended to be used to block dialup users that do send via their proper mail relay. SA should be checking every IP except the first IP in the received chain. It should skip the very first IP, so that it does not check the hand-off from their machine, to their ISP's mailserver. If you've got an example where it has in fact checked the first IP (despite the code explicitly avoiding doing so) then there's a bug in SA's handling. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
