John W. Baxter wrote: > On 9/5/06 5:32 AM, "W B Hacker" <[EMAIL PROTECTED]> wrote: > > >>The worst offenders seem to be more consist w/r using the same bogus HELO than >>they are as to using the same bogus user address. Most appear to be zombified >>Winboxen. > > > And others are "outlaw" yahoo, hotmail, and msn (etc) accounts, so it seems > a good idea to temper the automatic nature of the blocking. (Where an > "outlaw" account is a proper account set up by a spammer and used via the > proper servers until it is booted off.) > > --John > > >
Agreed. While we block *forgeries* of those ISP's, 'outlaw' traffic would ordinarily pass ALL of our server-manners acl's, and would be in the 11% that hit SA. or another filter that covers the sending user.. OTOH, we block roadrunner and comcast after 2+ years of 100% spam, and massively so. No exceptions - not that we would know or care any longer. Verizon is also blocked, with just one specific correspondent whitelisted. Not "recommended", mind you - just the way it is for *OUR* environment. YMMV, Bill -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
