Hi All, I've figured out how to use DNSBL with sendmail and am very pleased, apart from being burnt by this page (ie i use www.orbz.org as a blacklist and our mail server suddenly became very obscene)...
my question is, i read in the archives that if you have too many of these DNS lookups then the MTA will timeout. what is the ideal balance on say a 64K connection? i've got 4 so far, but there is a whole pile more?? which ones are the best to use? secondly, has anybody noticed that they are receiveing a number of random email address at their domain? we are getting things like [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2003 8:23 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [SAtalk] Blocking of bouncing addresses so I'm guessing that spamhaus is a thing which you can plug into spamassassin and mark as spam incoming? or how would I completely block those IP addresses with firewall or some kind of deny rules.... that's what we need around here. complete and utter shutdown... :) thanks for the feedback... -----Original Message----- From: John Oliver [mailto:[EMAIL PROTECTED] Sent: Thursday, November 27, 2003 6:53 PM To: [EMAIL PROTECTED] Subject: Re: [SAtalk] Blocking of bouncing addresses On Thu, Nov 27, 2003 at 01:13:52PM +1030, [EMAIL PROTECTED] wrote: > We have a number of hosts spamming us using the mailing to a wrong address > which doesn't exist but crafting the reply to address as someone else so > they receive a bounce message and open it and it's spam. > > I've tried blocking about 10-15 hosts with iptables and that shuts them up > for a while but doesn't take long for more to appear. the poor old 64k > connection is being flooded with this rubbish and i wonder if there is a > good way to stop it. the mailservice doing the spam check is acting as a > gateway for an exchange server so it's not a matter of making sendmail do > something fancy and not accepting mail for addresses that don't exist, > although that means that real mail boucing may end up in the dump should we > go that way. I've asked about "reversing" FEATURE(`blacklist_recipients') in comp.mail.sendmail, but haven't had an answer. I'm in the same boat, but also have considerably more than 64kb/s to work with... :-) > anybody got any thoughts on a live blocking setup or seen a decent list of > spammers hosts that is fairly up to date? http://www.spamhaus.org/ -- John Oliver, CCNA http://www.john-oliver.net/ Linux/UNIX/network consulting http://www.john-oliver.net/resume/ * * * * * * * * * * * * * * * Contribute to the SpamCon Legal Fund!! http://www.spamcon.org/legalfund/ ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk ------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk