> From: "John Levine" <[EMAIL PROTECTED]> > To: "Gary Mills" <[EMAIL PROTECTED]>
> > I had a complaint the other day from one of our users who is receiving > > many stock pump spam messages. > > What else can we do about this spam? The sending computers are all > > listed on the PBL, which we don't currently use. Is this our only > > hope? I'm reluctant to use that blocklist because we have clients on > > networks that are listed there. Using it would force clients to use > > authentication to send e-mail, generating complaints from legitimate > > users. Yes, we may even have legitimate users in Peru and Viet Nam. > > I'd bite the bullet, use the PBL, and get your Asian clients to fix their > configurations. It's one time pain for long term benefit all around. I agree with John, but a compromise might be to whitelist those clients instead of getting them to change their configurations to use some form of SMTP authentication. Whitelisting might require more work on the SMTP server side, but little or no work by the client. If they can be whitelisted by IP address, perhaps their addresses should not be in the PBL. On the other hand, if their IP addresses should be in the PBL, then either they are violating the terms and conditions of their ISPs or they are likely sources of spam. There is another possibility. I've long wondered about changing the DCC client code support for DNS blacklists to have two sets of blacklists. Individual users can enable or disable DNSBL checks for their mail done by dccm, dccifd, or dccproc. If there were two sets with separate controls, you could put the PBL into the second set and let that user enable it for only that mailbox. Would adding that complication be worthwhile? Vernon Schryver [EMAIL PROTECTED] _______________________________________________ DCC mailing list [email protected] http://www.rhyolite.com/mailman/listinfo/dcc
