At 12:28 PM -0700 2006-05-07, John W. Baxter wrote:
> Of the Exim admins who use the feature and to whom I listen the most, the
> feeling seems to be that this test (a) needs to be done selectively, as some
> servers respond oddly or uselessly (eg Yahoo), and (b) should be done after
> other protections have not stopped a sender. We don't presently use the
> Exim feature.
I am currently testing this feature with "warn_if_reject", so
it's not actually rejecting any connections or messages that fail
verification, but it is doing all the other parts of the process.
And I do have it pushed all the way to the bottom of the stack of
things that are checked before a message is accepted -- after
white/black listing (both DNS-based lists and locally maintained),
after greylisting, after checking reverse DNS or confirming that the
HELO/EHLO command is given in a legal format, etc....
> Another useful defense can be to delay sending out the initial banner for a
> few seconds and/or delay sending the response to EHLO or HELO for a few
> seconds. Many of the spam engines just press on with the EHLO/HELO in the
> first case or the MAIL FROM: in the second case, and the receiving server
> can then reject the protocol violation (I don't know whether Postfix can do
> that).
Postfix does have a method of detecting and rejecting
unauthorized pipelining, and that feature is also turned on.
--
Brad Knowles, <[EMAIL PROTECTED]>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
LOPSA member since December 2005. See <http://www.lopsa.org/>.
------------------------------------------------------
Mailman-Users mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
