On Wed, 10 Sep 2003, Paul Makepeace wrote: > Thanks for this! I implemented the rejecting plain IP and non-FQDN > suggestions rejecting rfc-breaching [EH]LO strings, and now it's cheaply > 550'ing hundreds every day here. > > I wonder what the long-term falsepos rate is... I've had one definite > falsepos from a server announcing itself with an IP address so you > really need a whitelist to go with it and occasional scans of logs and/or > some reporting mechanism.
I'd strongly recommend against blocking sites because they announce with an IP unless they are offering an IP other than the one they connect from. Lots of servers are poorly configured and a facist configuration will prevent genuine email as well as spam. A whitelist is only going to help you after you've already permanently rejected a message. Maybe you can modify the rule so that you check $sender_helo_name against the client IP. Jason Clifford -- UKFSN.ORG Finance Free Software while you surf the 'net http://www.ukfsn.org/ ADSL Broadband available now
