On 28.07.18 17:06, RW wrote:
>I don't see anything on the site to suggest that it avoids listing
>dynamic IP addresses. And here:
>
> https://www.spamcop.net/fom-serve/cache/357.html
>
>commenting on listing history it says:
>
>
> "One also has to remember that IP addresses change hands. Many ISPs
> assign IP addresses to customers dynamically, so addresses are
> changing all the time."
On Sat, 28 Jul 2018 18:12:42 +0200 Matus UHLAR - fantomas wrote:
and the point is?
A-ha. ou put it in subject:
Re: Why is RCVD_IN_BL_SPAMCOP_NET not '-lastexternal'?
well, the -lastexternal is for dynamic IPS, and spamcop lists spam
sources, not (just) dynamic addresses.
On 28.07.18 18:13, RW wrote:
Most -lastexternal lists are mixed dynamic/static. Deep checks should
be, and mostly are, list for exploitable servers or IP addresses under
the control of spammers (or very spam friendly ISPs).
RCVD_IN_BL_SPAMCOP_NET seems to be an anomaly.
spamcop does list IPs that send spam. It does not care whether static or
dynamic, mailserver or open proxy.
That means, since spamcop lists exploited servers and IP addresses used by
spammers, using it in deep header tests is correct.
If you want to be 100% sure, you can split RCVD_IN_BL_SPAMCOP_NET into two
rules, one for -lastexternal and one for deep header tests.
But I don't think it's worth trying. spamcop delists IP 24 hours after last
spam from it is received.
ISPs providing dynamic IP addresses should better block port 25 to outside
and thus only allow authenticated submission.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
