On Mon, 22 Mar 2010, Kai Schaetzl wrote:
Micah anderson wrote on Mon, 22 Mar 2010 10:51:20 -0400:
This brings it over the 8 threshold, although it is a legitimate email
From a user who has unfortunately been saddled with a dynamic IP
Most ISPs reject direct mail from non-static IP addresses nowadays. If
you combine this with John Hardin's suggestion you don't need the botnet
plugin or do RBL lookups for these clients at all (I guess you would
need a new plugin for this, though).
How do you reject mail from a non-static IP without doing a DNSBL lookup
(e.g. Zen)? If you're suggesting most ISPs are doing egress filtering on
port 25 from their dynamic spaces, that's good for them, but until _all_
ISPs do that DNSBLs will still be useful.
My suggestion doesn't involve discarding botnet or DNSBLs, it involves
offsetting their scores for those instances where you _know_ the mail from
a suspicious IP address is legitimate and wanted.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Men by their constitutions are naturally divided in to two parties:
1. Those who fear and distrust the people and wish to draw all
powers from them into the hands of the higher classes. 2. Those who
identify themselves with the people, have confidence in them,
cherish and consider them as the most honest and safe, although not
the most wise, depository of the public interests.
-- Thomas Jefferson
-----------------------------------------------------------------------
164 days since President Obama won the Nobel "Not George W. Bush" prize
