I agree what what you've said below - but 2 things to consider: 1. A spammer is unlikely to add a blacklisted IP to a forged message (and if they do, their messages deserves to be killed anyways) 2. If the connecting IP is legit (as it would be coming through our ISP), then no harm adding another level of checking (if the user wants to enable this feature).
We have a lot of small clients who want to run their own Exchange server, but don't want to pay for a permanent IP. For them, mail works best with an MX pointed to a static IP (and the ISP), and let the SMTP flow once the client's IP is updated. MD -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Sent: Monday, February 12, 2007 1:51 PM To: Questions and Answers for users of ASSP Anti-Spam SMTP Proxy Subject: Re: [Assp-user] Feature request: Strip first received line of header Michelle Dupuis wrote: > A lot of companies are using 3rd part services as a backup MX > (queuing) for disaster recovery etc; so mail is routed through that ISP. > > You're right about stripping off the first received line can be > handled differently - perhaps the RTBL processing can match all IP > addresses within the header? Yes, I know of using them as a backup however you are using them as a primary MX record, thats what I find odd. I personally would vote no on such a feature, I've used GFI mailessentials that does this and frankly it's only caught false positives using the other headers. ASSP has the ability to block the message before it has been received using the source IP, if we were to check headers we would already be receiving the message, damage done, it costs more cpu, memory, and time to process it based on the headers rather than the connecting ip. Headers can also be forged much easier than a connecting ip can. Kevin ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
