On Apr 1, 2015, at 2:26 PM, Kevin Miller <kevin.mil...@juneau.org> wrote:
> I blocked the RRPPROXY.NET name servers at the firewall. [...] After I did > that, almost instantly the spam dropped dramatically. [...] > There was some discussion in this group about blocking on DNS providers about > a month or so ago, spawned by my initial requests for help. I don't know if > you have the luxury of dropping the connections at the firewall but it worked > for me. Look back through the archives. Ah, I see... you killed them at the firewall itself, before they even got to sendmail. I was wondering how blocking the name servers themselves would help, since (at least in my configuration) sendmail doesn't reject just due to bad rDNS (not sure if that's even possible). Unfortunately, no, I don't have control over the firewall. Indeed, there is no hard firewall, so I only have software, and I'm not sure I have anything that could do specifically this. Certainly it would be interesting to add such capability to SA (to add points for known spammy DNS providers and/or registrars), though I imagine that could be a recipe for FPs in some cases. Then again, we did it for .pw URIs, so... --- Amir