John Rudd wrote: But even if I wanted a dynamic IP doesn't make much sense as MX. :-(
> Part of the operating definition of "soho mail server" that I am using > for botnet is: if your operation is so small that you're forced to use a > dynamic IP address for your email server, then you're probably also so > small that you're using one server for inbound and outbound traffic. Hm, interesting. But I don't agree that that's true. I know quite a few companies that "only" have DSL for their office(s). I don't know about other countries but here in Germany fixed IPs are too expensive or complicated to apply to worry about them. DSL is fast and easy and a dyndns service allows you to do anything you need without problems. Their webserver is hosted on a rented server or with at a provider's server of course. But almost many SOHOs have an internal mailserver for internal communication (DSLs are slow for uploads!). So, the mailserver (or the users themselves) download their mails from the provider's POP3-server but send all their mails to the internal mailserver which then relays the external ones to the provider's SMTP server via SMTP AUTH. Another "legal" scenario is a local linux server behind a dynamic IP with services running that send their status mails to the local sendmail daemon. That case would look exactly like my example from Friday, but wouldn't match the BOTNET_SOHO rule either, right? > >Shouldn't the BOTNET_SOHO look at the Received:-line of the provider's > >mailserver? > > It looks at received lines (after spam assassin has finished parsing > them), but which one it looks at depends upon your settings. Okay, good argument. :-) Maybe I have to look at my trusted networks settings again, but I can't add dynamic IPs there. And neither in Botnet.cf. Besides, I am worrying more about the spamfilter of the _recipients_ of my mails and I have no influence on their settings... Thanks, Andy. -- No matter what anyone else tells you, nice guys do finish last.
