On Mon, Jun 02, 2008 at 01:28:21PM +0200, Matus UHLAR - fantomas wrote: > On 30.05.08 15:37, Larry Ludwig wrote: > > IMHO regex setups are even more reliable we do this with our postfix setup. > > > > For example: > > /^c-.+-.+-.+-.+\..+\..+\.comcast\.net$/ REJECT > > dynamic ip address use isp for outgoing email - access.regex > > > > I think is more reliable than just by name or especially by IP since IP > > allocations do change. > > looking at 20_dynrdns.cf we see that there are MANY forms of marking > dynamically allocated space. The score of RDNS_DYNAMIC dropped in the past > (there were FP's reportet iirc) and now it's mostly used in conjuction with > other rules. > > If your regexp's are THAT efficient, share them with us please.
20_dynrdns is lame and no one is really updating it. It doesn't even strip domains, resulting in hosts like smtp.dynamic1.com to match. It's pretty cumbersome to use the meta headers too. It needs some revamping to be more useful. That's why there are plugins like Botnet and my BadRelay[1] (which handles domains properly). My tool is pretty outdated too, I haven't updated it since I started blocking and greylisting suspicious hosts directly at MTA. Not much passes through. For a really big regexp list, have a look at [2]. [1] http://sa.hege.li/ [2] http://www.linuxmagic.com/opensource/anti_spam/dynamic_regex/