Matt Kettler wrote:
Not all dynamic blocks are "different every day" like your net cafe example. You can't categorically excuse dynamic IPs from proxy list checks.but I *have* to do something, currently i risk bouncing perfectly valid mail originating from these IP blocks.
what would you say to counting the hops, then running notfirsthop tests on the SOCKS/PROXY rbl lists and then reducing the score with a meta rule, if there are more than 2 hops.
as in:
+ the firsthop is an open relay..
+ then the message was relayed by other relay (how many open relays are configured with a smarthost?)
+ the "other relay" is not an open relay, so.....
= ignore the fact that the firsthop is an open relay.
