On Tue, 2010-02-16 at 11:49 -1000, Alexandre Chapellon wrote:
> > >I have a quite buggy customer network, full of zombie PCs that
> > >spends all days sending spam and wasting the whole "reputation" of my
> > >networks.
> >
> > Do they send these messages through your mail server?
>
> Mostly not but thoose who are doing so make my mail servers being
> blacklisted from time to times.
> (And I don't really care about dyn IP adresses being on blacklists...
> for now)
Hmm, wait. Are you saying the bots are using your infrastructure, rather
than the most common direct to MX? Or are you saying your customers are
actively spamming themselves?
AFAIK bots still don't abuse MUA credentials on the infected machine to
authenticate against the outbound SMTP. A policy change to offer SMTP
only with auth and TLS in 3 months time should be easy to tell your
customers.
Any mail traffic not relaying via your SMTP server should NOT get you on
any blacklist. Serious blacklist, that is.
What blacklists are we talking about?
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
