On 8/18/2010 7:53 AM, Kris Deugau wrote:
Alexandre Chapellon wrote:
When other well known DNSBL (I have always heard spamhaus sbl and xbl
are trust worthy) list less at most 50 entries , barrcuda lists
almost 8000!!!!
That's not a problem all by itself, but when combined with this:
Finally there is a special feature that barrcuda folks call "deep
scanning" which makes the appliance scans the 'Received' headers and
reject the mails if an IP found in that headers, is listed in the
DNSBL... a feature that should obviously be called: 'even increase my
false positive rate'
... it makes life difficult. (In fact, if you provide Internet access
for residential customers, a big chunk of your IP address space
*should* be listed on Spamhaus' PBL - these IPs should be using your
SMTP relay, or submitting mail via SMTP AUTH to another relay, not
contacting recipient MXes directly.)
I've had far too many incidents in the last ~6 months of having tech
support ask me to dig into why a certain customer of ours is suddenly
getting postmaster rejections on their mail to certain recipients -
usually "important business contacts".
All of them have proven to be recipients behind a Barracuda filter
appliance that's deep-scanning headers and rejecting the message based
on our customer's connection IP on our network - an IP behind our
standard block for SMTP to anywhere but our own SMTP relay... and the
rejected message was properly relayed through that system. Or worse,
an IP on some other provider's network, where our mail customer is
using SMTP AUTH on port 587 to relay through our server.
I usually tell tech support to tell the customer that they'll have to
contact the recipient by eg phone to let them know they're missing
legitimate mail.
-kgd
I also scan IPs in received headers. I don't reject on that by itself
but it is a factor when combined with other conditions.
--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400
