From: "Keith Whyte" <[EMAIL PROTECTED]>
> Matt Kettler wrote:
>
> > Firsthop *ONLY* applies to dialup/dynamic IP lists. None of the lists
> > that fired are dialup lists.
>
> I just ran a grep on the rules for notfirsthop and realise this now,
> sorry for the lazy post.....
>
> >
> > In this case, it looks like the RBLs are claiming 200.78.33.237 was
> > running an open proxy. SORBS last scanned it august of 2003, but
> > nobody has ever requested rescan or challenged the listing.
> >
> > The SORBS ones can be cleared up pretty easily, if the user goes to
> > www.dnsbl.sorbs.net and looks up their IP, they can request a re-scan.
>
> Yes, but as it was a from a user in an internet cafe on a mexican DSL
> provider's link, chances are there are more listed ip's, and the when
> the caf� boots up tommorrow equally they'll get a different address.
> (it's prodigy-infinitum - they operate on mostly Dynamic IP DSL) I've
> seen a good few listed recently.
> Should this be considered a bug? - a score of nearly 6 just for using a
> net caf�? how could i lower the score here?
Don't use such a broad brush as you get with black lists. Scan via other
means. I do not use BLs here. Of about 200 spams a day I get about 1 missed
spam per day and maybe one false hit every few weeks. With that well
setup filtering why should I bother with the BLs and their overly broad
brushes?
An alternative is to let the person know that he should defer sending
his email until he is home. Internet cafes are prime sites for sending
spam and scams. The recent Nigerian 419 scammer that was caught was
nailed in a wireless hotspot at a Starbucks, I believe.
{^_^}
