On Mon, Jun 02, 2008 at 03:29:44PM +0200, Matus UHLAR - fantomas wrote: > > > On 30.05.08 15:37, Larry Ludwig wrote: > > > > IMHO regex setups are even more reliable we do this with our postfix > > > > setup. > > > > > > > > For example: > > > > /^c-.+-.+-.+-.+\..+\..+\.comcast\.net$/ REJECT > > > > dynamic ip address use isp for outgoing email - access.regex > > > > > > > > I think is more reliable than just by name or especially by IP since IP > > > > allocations do change. > > > On Mon, Jun 02, 2008 at 01:28:21PM +0200, Matus UHLAR - fantomas wrote: > > > looking at 20_dynrdns.cf we see that there are MANY forms of marking > > > dynamically allocated space. The score of RDNS_DYNAMIC dropped in the past > > > (there were FP's reportet iirc) and now it's mostly used in conjuction > > > with > > > other rules. > > > > > > If your regexp's are THAT efficient, share them with us please. > > On 02.06.08 15:14, Henrik K wrote: > > 20_dynrdns is lame and no one is really updating it. It doesn't even strip > > domains, resulting in hosts like smtp.dynamic1.com to match. It's pretty > > cumbersome to use the meta headers too. It needs some revamping to be more > > useful. > > Is there a bugreport for this? Or do youfind it better to whine and not try > to make it better?
There are many bug reports, what good does it do if noone has the time to act on them? > > That's why there are plugins like Botnet and my BadRelay[1] (which handles > > domains properly). My tool is pretty outdated too, I haven't updated it > > since I started blocking and greylisting suspicious hosts directly at MTA. > > Not much passes through. > > BotNet was afaik reported to have FP's for ISPs. That's why I do not use it. Botnet blocks what you configure it to block. SA rules are forced on you.
