Randy Bush wrote: >> A caller that *survives* forward/reverse DNS lookup > > i can't do that. too many strange list subscribers from places that do > not do much dns. too many users from strange places that do not do much > dns. >
Well - that's how and why *we* (mailadmins) have made the entire zombiefied WinBox hundred-thousand-plus-unit 'farm' phenomenon possible. If you can not - or WILL NOT - use the tools the RFC provides to separate 'early' and cheaply on clearly improper behaviour, then you will just have to suffer the resource cost of trying to separate on content analysis. It is far harder to get that right. Zombastards are expert at throwing in just the sort of gratuitous fluff that pases automated scanning and suborns - even poisons - sophisticated Bayesian filters. Most filtering needs extensive string parsing and pattern seeking and matching - done quite well in interpreted languages such as perl - but never at a low-resource cost. >> If you want 'immediate' onpassing, you'll need something like lookups >> against /var/mail/IP-pass or /var/mail/VIP lists, > > i got into this because one can not maintain good ip lists because goog, > yahoo, et alia keep adding servers but not putting them in places such > as dnswl.org. > > randt > It is not hard to manually track down a handful of the 'majors' with 'whois', 'dig @' and 'host -v'. OTOH - there is ordinarily little need to give them special entries. Even MSN/Hotmail finally cleaned up its act some years ago - ONE server persisted in trying pipelining when told it was not on offer. One server out of PCCW's 'Netvigator' outbound pool is configured differently (and wrongly) from all the others. NetSol has been the last major irritant here. Ironic that the folks chartered to - among other things - operate the 'a' root-servers, should be so careless w/r their own mailserver DNS & HELO. YMMV, but denying those who look, act, taste, and smell like zombots is the only way the 'real' folks among them will *ever* see the need to mend their ways, use the 'smarthost' their connectivity ISP has provided, or register themselves a PTR RR on fixed-IP if they 'must' operate their own public-facing MTA. GMail, BTW, has hardly ever put a foot wrong by our lights, so - back to the door you entered by - we've no real need to handle them differently at all. Those who would attempt Gmail forgery have already been tagged for one or more 'capital offences' so to speak. Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
