On 02/08/2013 11:10 AM, Eric Shubert wrote: > I've received a malicious spam from the following address: > Received: from unknown (HELO 74-142-212-17.dhcp.insightbb.com) > (74.142.212.17) > > I'm a little surprised that the address hasn't been blacklisted, being > an apparent dynamic address. I'm using > dns-blacklist-entry=zen.spamhaus.org > dns-blacklist-entry=bl.spamcop.net > > Is there a good way to block public hosts with dhcp in their name? > Is there a better approach to this? > It doesn't seem to be on any of the blacklists reported by:
http://multirbl.valli.org/lookup/74-142-212-17.dhcp.insightbb.com.html I see two possibilities: 1) Add dhcp as an entry in ip-in-rdns-keyword-blacklist-xxxx 2) add .dhcp.insightbb.com in rdns-blacklist-xxxx (1) may block legitimate addresses from anywhere just because they have dhcp in their rdns name. (2) may block legitimate addresses if any exist within that domain. Gary _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
