>We both agreed that even though what we are doing is hard nosed we should >stick to our guns and not remove such entires for a handful of whiners.
Exactly, the point has passed long ago where "goodwill" got you f*ck all with your email operations. The spammers and mailer-worm writers are playing harder and harder ball because the defenses ARE so effective. There can be no let up, no softening of positions or policies. If fact, the war being far from won, we must RAISE the MTA credentials even further. In the case of subscriber nets, it's so frigging easy for network operators to separate their business DSL/cable PTRs from the residential PTRs, it's so friggin easy to block port 25 effectively like Earthlink and lot of others due. That is to say, the technical solutions for network operators are easy, no recurring cost, and everybody, the clients of network operators and our clients, except the spammers, are happier. This whining about a few easily resolved false positives is pure BS. We have to keep ratcheting up the MTA credentials we insist upon to accept mail. The subscriber filter is useless against unknown PTRs. Heres's another click on the ratchet ... I have restriction_class in advanced, whose logic says: If PTR = unknown AND helo hostname is not in DNS, reject. ( remember, if a legit mail server doesn't have a PTR, they can't sent to AOL.) But we'll give them a second chance, "no PTR? ok, give us a valid helo hostname (has A or MX in DNS), and we'll not reject you". But if you screw up both of them, you're outta here. The next click on the rathchet is to reject only on unknown PTR (it AOL can do it, we can, too) Do you know your counts of unknown vs known PTR? Here's how to count, the unknowns: # zegrep -i "smtpd.*: connect from" /postfix/log/maillog.3.gz | egrep -ic "unknown\[" 96129 and the known PTR: zegrep -i "smtpd.*: connect from" /postfix/log/maillog.3.gz | egrep -ivc "unknown\[" 177432 amazing, huh? 96 / ( 96 + 177 ) = 35 % of SMTP clients have NO PTR, and can't send to AOL. Why do we let them send to us? Len
