At 05:41 6/16/2004, Goesta Smekal wrote: > We are facing a dramatic increase of SMTP traffic due to that. Since > there is >no attachment AV doesn't get it. Since there is no 'normal' sign of spam (like >multiple recipients, junk characters etc.) spamfilters are unlikely to get it >either.
I can't speak for anyone else, but I've found that denying service to "dynamic" addresses (based on RDNS patterns) to be a very effective tool for reducing both spam and virus traffic. Since most (not all, as has been pointed out here in the past) dynamic addressed machines are covered by terms of service or acceptable use policies that prohibit the running of servers, a case can be made that these machines should not be sending mail directly to mail servers (other than the ISP responsible for their connectivity). And, of course, if there are specific machines that are running mail servers, they can avoid such a block in two ways: 1) Getting a static IP address from their provider so that you can whitelist the address 2) Getting "non-generic" RDNS assigned by their provider For example, one of the RDNS patterns that gets blocked here is "*-*-*-*.bahnhofbredband.net" - this blocks the generically assigned RDNS machines (those with IP addresses in the first portion), while not blocking legitimate mail servers in that domain (as they would not have IP addresses in the first portion of the RDNS value). Of course, blocking based on RDNS takes a minor modification to the source code (or, the use of version 1.19 or later, with a pre-data filter). - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
