> So, based on the code flying around, you'd never get my email. > So what would your response be (I usually try to reject with a telephone > number, so real clients can phone and bitch about the SMTP failure)? > "Change ISP"... That's not quite the response thats going to help our > company communicate to you via email. I admit, things need to change and > perhaps the email admins need to make that change. Take a stand, protect > it by policy, or fight those misconfigured systems. Maybe this will > actually change this situation (will your boss pay for it though?).
My response is: "Connection rejected - we don't accept mail from end-user hosts - get a proper reverse IP mapping, or route via your ISPs mail server." If you are capable of setting up your own mail server, you should be capable of configuring the routing as suggested, or of sorting out rDNS, or both. If you are on an address in a block which appears in some of the lists of "dynamic" ranges, you will already have discovered that AOL, Yahoo, Sprintmail and several other fairly major players are already refusing mail from you. The solution to this is to use your ISP's mail server - either for all traffic, or for specific domains via an entry in Sendmail's mailertable map. > The amount of dhcp, dsl, cable, dialup being in a domain > name does make you want to drop them dead, but just on PTR/IP tests? > This sounds like something Verizon, or A0L will do. Yes, until there is a better way to do it. > You might as well return "Sorry, go to http://URL.HERE.com/WhiteList/, > and get yourself whitelisted" in the error message.. Possibly - but imagine every user having to do this for every address they send to... > You could take this data, and figure out the average spam value of the > emails. If it consistently sends more spam, score it high. > This is starting > to sound like AWL from SA, but without the cost of the SA process. > Delay/Greylist the email for longer than normal; get the > emailing server > to incur cost, reduce their rate of transfer, but but not > drop instantly. The problem with broadband botnets is that the spammers aren't paying for the bandwidth, don't care about delays, and have plenty more addresses they can try from. In some cases, it looks like each bot is a throwaway address which never gets used again, so the owner never works out that their system was hijacked between 0300 and 0600 last Tuesday. Until maybe a few weeks or months later, when everyone has taken the offending address out of their blacklists due to inactivity... Paul. -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.392 / Virus Database: 268.5.2/329 - Release Date: 02/05/2006 _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
