Matus UHLAR - fantomas wrote:
>> Matus UHLAR - fantomas wrote on 2013-02-03 20:41:
>>>> only whitelist dynamic ips if there is port 25 open on it,
>>> so any open relay and SMTP redirect gets whitelisted?
>
> On 04.02.13 00:55, Benny Pedersen wrote:
>> nope, if port 25 is open, it's another problem, in the way that it
>> could be static ip, with a dynamic hostname / reverse dns, but it
>> depends on what mail this dynamic ip wants to accept
>
> Well, if a port 25 is open on dynamic IP, it COULD be open relay or SMTP
> redirect. If we decide an IP is dynamic (or should not be used for
> mail, see spamhaus PBL policy), we should NOT whitelist it just
> because IP has port 25 open. There are multiple ways to detect dynamic
> IPs (rDNS patterns, PBL, SORBS-DUL, MAPS-DYNA) which I found safer
> than TCP port 25 open.
>
>> complicated yes, seen from my own logs is that some domains just
>> set up mx records, to have the ability to send email, but when trying to send
>> to this mx, postmaster or abuse does not exist or mx host does not
>> accept recipient domain, seen here relay denied, and connection
>> refused
>
> This is what e.g. rfc-ignorant or many other rhsbl blacklists are
> for.

rfc-ignorant has gone off-line.

-- 
Per Jessen, Zürich (7.7°C)
http://www.dns24.ch/ - free DNS hosting, made in Switzerland.