John Rudd wrote:
Kevin A. McGrail wrote:
I've taken a while to digest it for a more thorough response but
really only found one issue with the fundamental differences between
our approaches.
b) I look for elements of the IP address in the domain (or, in the
sub-domain in your case).
I would recommend against this because large vendors like
MCI/WorldComm/Verizon have gone with this naming scheme for business
static users:
static-70-21-118-207.res.east.verizon.net.
My primary reaction to this is:
if their ISP wont give them a custom PTR record, then they should use
their ISP's SMTP server for outbound email. This is absolutely true,
but lots of people bristle at the suggestion that their business mail
server shouldn't talk directly to the world. So, I've been considering
moving those checks to filter_end and having it generate tags that
indicate the message should be treated as spam instead of being rejected.
I meant to add one more thing there:
What I mean by "treat it as spam" is:
a) put it in my quarantine file,
b) send me a notice that it has been quarantined (notice tells me
sender, date and subject of message)
c) let me decide if I want to fish it out of quarantine and/or whitelist
that IP address or sender vs. leaving it in the quarantine folder for 3
days and letting sa-learn pick it up to reinforce the spam potential.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
