Dan Jenkins wrote:
I've also configured my mail server at work to block incoming mail from adsl, cable, and dial-up IPs and host names. This is because all of the mail that we receive from those domains is spam.


;-) Including mine? And Derek's? (Of course, ours goes through the list before getting to you.)

Well, this is at my day job. I have my own mail server at home where I get mail from GNHLUG. At work I block incoming connections from a list of domains. I maintain this list manually. I use exim, so it's a file using a wildcardlsearch. It matches on partial names, i.e. *.client2.attbi.com. I also have a separate, smaller list of IP numbers. Something only gets added to these lists after it has been used to send us spam. It drops the connection at HELO with a message of 550 Access Denied.


As I mentioned, I haven't found the time to set up anti-spam measures at home.


When a machine connects to send us mail, our mail server does a reverse DNS lookup on their IP. It ignores what is sent in the HELO, unless the other machine is sending our own IP or host name in the HELO, in which case the connection is rejected.


Do you just verify that there is a reverse DNS? Or do you verify that the reverse matches the forward? I'm curious.

It does a reverse lookup on the sending IP, and not what they give us in HELO. It also does a sender verify. Seems my rules aren't so stringent that machines with no host name get dropped. I've checked and mail gets through even if a reverse lookup fails.



When I started trying to block spam that way a few years ago, I had to remove that as being too aggressive. I found that most reverse DNS didn't map to their forward hostname. I also found that, at that time, many mail servers had hostnames which didn't resolve, or had no reverse DNS. This was from companies like Kollsman Instrument, Fidelity Investments, PSNH, etc. Out of the 15 members of the board of directors of a non-profit whom I ran the mail server for, 11 of them were unable to send email after blocking spam that way. (Whether this is a comment on the actual content of the board is another matter. ;-) I had to drop that level of spam blocking for the board to communicate with the non-profit's CEO. It is always a trade-off between blocking spam or losing a potential sale or important email. Most of my clients are more concerned about the latter than the former - of course, while still complaining about spam. (I had a client who almost lost a $50,000 deal due to a single missed email.)



When I first switched us to exim from sendmail, I forgot just how pedantic exim can be. We weren't getting mail from one of our vendors because their mail server had an illegal character in its name. Seems Microsoft allows one to configure host names that are illegal according to published standards for Internet naming conventions. I had to allow this character specifically in HELO in order for us to get their mail. Ironically, it's a company that does most of our networking, and their mail admin. fails to see that it's a problem that their mail server has an invalid host name.


I've noticed that a lot of the UBE software is very poorly written. Our mail server refuses a lot of connections on the simple basis of the client not following SMTP.
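
The HELO-time policy discussed in this thread, as an added Python example that is not part of either poster's message or Exim configuration: reject a HELO that claims our own identity, reject listed IPs and reverse-DNS names matching the wildcard list, and only record (not reject) a missing or unconfirmed reverse lookup. The host names, IPs, DNS tables and function names are constructed for illustration; only the `*.client2.attbi.com` pattern and the `550 Access Denied` response come from the thread.

```python
import fnmatch
import ipaddress

# Constructed policy data; only *.client2.attbi.com appears in the thread.
BLOCKED_HOSTS = ["*.client2.attbi.com", "*.dialup.example.net"]
BLOCKED_IPS = {"203.0.113.45"}
OUR_IDENTITIES = {"mail.example.org", "192.0.2.10"}
DENY = "550 Access Denied"

# Constructed DNS tables standing in for a resolver, so this runs offline.
PTR = {"198.51.100.7": ["c-7.nh.client2.attbi.com"],
       "198.51.100.20": ["mx.vendor.example"],
       "198.51.100.30": ["www.mismatch.example"]}
A = {"mx.vendor.example": ["198.51.100.20"],
     "www.mismatch.example": ["198.51.100.31"]}

def ptr_lookup(ip):
    return PTR.get(ip, [])

def a_lookup(name):
    return A.get(name, [])

def norm(name):
    return name.strip().lower().rstrip(".")

def reverse_name(ip, ptr=ptr_lookup, fwd=a_lookup):
    """Return (hostname, confirmed); confirmed means a PTR name also
    resolves forward to the connecting IP (forward-confirmed rDNS)."""
    names = [norm(n) for n in ptr(ip)]
    for name in names:
        if ip in fwd(name):
            return name, True
    return (names[0] if names else None), False

def check_connection(ip, helo, ptr=ptr_lookup, fwd=a_lookup):
    """Return (smtp_response, reason) for a connection at HELO time."""
    ip = str(ipaddress.ip_address(ip))      # raises ValueError on junk input
    if norm(helo).strip("[]") in OUR_IDENTITIES:
        return DENY, "HELO claims our own name or IP"
    if ip in BLOCKED_IPS:
        return DENY, "IP is on the manual list"
    host, confirmed = reverse_name(ip, ptr, fwd)
    # The blocklist is matched on the PTR name, never on the HELO string.
    if host and any(fnmatch.fnmatchcase(host, p) for p in BLOCKED_HOSTS):
        return DENY, f"rDNS {host} is on the manual list"
    if host is None:
        return "accept", "no reverse DNS"
    if not confirmed:
        return "accept", "reverse does not match forward"
    return "accept", "forward-confirmed"
```

The two non-confirmed `accept` outcomes are the cases both posters describe letting through; logging the reason keeps them visible without losing legitimate mail.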

