On 23.05.13 18:24, Kristian Duus Østergaard wrote: > My smtp server is currently using identlookup and I think it is one reason > that >I don't receive a ton of Spam.
I have configured the same on my former employer's SMTP servers because of the same reason. I found it useful - if the machine provides ident, SMTP transaction starts imediately and if client is firewalled, it has to wait, which helps against spambots. Clients have to use different ports (and different SMTP server) even... >Unfortunately some of my users receive mails from a domain that has a very >short >timeout and drops identlookups at the firewall, instead of rejecting them. This >results in no mails coming through to my users from the domain Such SMTP client violates the SMTP protocol, which requires waiting at least 300 seconds for SMTP welcome greeting. Inform the clients (and remote postmaster) that remote SMTP server is misconfigured and violates the standard which results in problems. >in question and >me getting asked how many other domains does this happen from. My own >approximate count indicates that only 1.6% of the failing connections are from >legit servers. > >So my questions are really : > What is your experience with identlookups ? > Should I stop using it on my server and risk more Spam ? > When you discover a problem with a server what do you do ? Commented above. I recommend using ident on SMTP server to avoid much of spam. > Do any of you have automated scripts to inform the postmaster in the other >end that you do have a server and it actually can respond ? no automation > Does courier have any filtering function for this very special scenario ? no filtering, but for special cases you can drop SMTP connections when outgoing, which will result in immediate dropped ident connection, instead of waiting to time out. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
