On 11 jan. 2012, at 16:12, email builder wrote: >> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list > > So who is using Stan's list? What do people have to say about > it? What should I consider in regard to possibly implementing it?
We use a modified version as a HELO blacklist. This avoids the false positives we saw while testing it as a reverse DNS restriction but, because the use of the reverse hostname as the HELO string is a common pattern in spam attempts from compromised hosts, it's still very effective. It's a 'check_helo_access' restriction in our 'smtpd_recipient_restrictions', and sits right before our RBL checks, where it has blocked 17235 attempts so far this year, with zero false positives since we started using it, in November somewhere. So another 'Thanks!' to Stan for providing something that saves us quite a bit of time :-) Cya, Jona
