Dave,
Since moving to testing on multiple hops, I have found that the expire of records in many of the open relay/spam trap lists has something to be desired (as far as my purposes go). They seem to operate with the impression that people only use these lists on the last hop, however with zombie spammers now starting to relay through legitimate mail servers, it's useful to be able to tag the originating IP as an open relay, but of course only if the information is timely. I have also found that besides XBL/CBL, the relay/spam trap lists, there is lack of a suitable mechanism for delisting unless there is an actual mail server at that IP which can send and receive notifications.
As far as the DUL lists go, they are just that, DUL lists, and there is no way out of one unless you are statically assigned and authorized to serve. The only fault with NJABL might be that they aren't delisting the open proxy. I've been meaning to write a note to several of these lists explaining our (Declude's) capabilities and asking for help in either delisting false positives when found, or reducing the time before delisting/re-testing. I have also been phasing out SORBS and FIVE-TEN on my system because they are unreliable by design. SBBL also recently got removed because I can't seem to find a site to report FP's to, and their hit rate has been dropping over time (possibly abandoned as a public resource). NJABL though is above average in terms of reliability on their open relay tests, and their SOURCES test hardly has any questionable sources in it (static spammers).
As far as your situation goes, IMail 8 with WHITELIST AUTH would solve this without you needing to weaken your system. I upgraded to IMail 8 for just two things; 1) fixing the queue so that it couldn't steal messages from Declude, and 2) passing AUTH information in the Q* files so that Declude could whitelist local users.
Matt
Dave Doherty wrote:
Hi, all-
I have a cable modem in my apartment with a dynamic IP.
I sent a couple of emails tonight to others at my domain. These messages FP'd. They were caught by NJABL, which has my current address listed as an open proxy, with a listing date in January. This address is also listed (correctly) in DYNABLOCK.
But if it's a dynamic address, the IP of whatever open proxy existed in January has certainly changed.
Does anyone else see the illogic in NJABL's lists, or am I crazy?
Anyway, I am adjusting the weights of the NJABL tests so that no combination can result in a hold weight.
-DaveDoherty Skywaves, Inc.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
-- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
