[Mimedefang] Re: Great open letter about anti-virus, emails, bounces, etc.
Royce Williams
royce.williams at acsalaska.net
Mon Sep 15 18:29:11 EDT 2003

Michael Sims wrote:
> mimedefang-admin at lists.roaringpenguin.com wrote:
>
>>We maintain an extensive "mini-DUL" with reverses for IPs that are
>>known to be dynamically allocated in our sendmail access file.
>>
>>We've had good luck with kicking back a 550 that simply says "Mailing
>>directly from dynamics refused; please use your provider's outgoing
>>mail server to relay."
>
>
> Sounds like a good idea. Do you do this based off a substring of the PTR
> record, or are you maintaining a list of IP networks?

A little of both. *.ipt.aol.com, attbi.com, and anybody with dialup
and/or DSL that conforms to the proposed best practice (don't have the
URL handy) of having PTR records that look like this:

    192-168-31-337.stl.wa.dialups.example.net

instead of:

    192-168-31-337-dialups.stl.wa.example.net

... so that this single sendmail access entry covers them all:

    dialups.example.net REJECT

We're gearing up to move our dynamics to a similar naming scheme
ourselves. I really wish that I had the URL handy. I'll post
it later when I find it, if anybody's interested.

We also block based on IP blocks if they're big enough to bother with
and are demonstrably dynamic. I do sometimes wish that sendmail
grokked CIDR. :) We notify the admins of the IPs whenever possible.

I'm sure that the n.a.n-a.e. folks have this down pat, but that's what
we've been doing. It's a losing battle in a lot of ways ... which is
why we've been so happy with SA + MD + File::Scan + clamd.

Royce

--
------------------------------------------------------------------------
Royce D. Williams
ISP System Administrator III - ACS IP/ISP
907-565-2267 PGP key: 0x3FC087DB http://web.acsalaska.net/~royce/
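
Added example (not part of the original post and not code from the poster or the MIMEDefang project): a sketch of why the first PTR naming scheme is covered by one access entry while the second is not, plus a CIDR expander that emits octet-aligned prefixes for the access file. The function names and the sample CIDR blocks are constructed, and the lookup only approximates the access-map behaviour of trying the full host name and then each parent domain.

```python
import ipaddress

# Constructed access-map contents; the hostname entry is the one from the post.
ACCESS = {"dialups.example.net": "REJECT"}

def access_lookup(ptr_name, access=ACCESS):
    """Approximate the access-map host lookup: full name, then each parent domain."""
    labels = ptr_name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        key = ".".join(labels[i:])
        if key in access:
            return key, access[key]
    return None

def cidr_to_access_keys(cidr):
    """Expand an IPv4 CIDR block into octet-aligned prefixes usable as access keys."""
    net = ipaddress.ip_network(cidr, strict=True)  # rejects blocks with host bits set
    if net.version != 4:
        raise ValueError("IPv4 only")
    if net.prefixlen == 0:
        raise ValueError("refusing to expand 0.0.0.0/0")
    aligned = -(-net.prefixlen // 8) * 8  # round up to /8, /16, /24 or /32
    octets = aligned // 8
    return [".".join(str(s.network_address).split(".")[:octets])
            for s in net.subnets(new_prefix=aligned)]

def access_lines(cidrs, action="REJECT"):
    """Render access-file lines (key, tab, action) for a list of CIDR blocks."""
    return [f"{key}\t{action}" for c in cidrs for key in cidr_to_access_keys(c)]

if __name__ == "__main__":
    # The two PTR names quoted in the post, used verbatim as strings.
    for name in ("192-168-31-337.stl.wa.dialups.example.net",
                 "192-168-31-337-dialups.stl.wa.example.net"):
        print(name, "->", access_lookup(name))
    # Constructed sample blocks standing in for "demonstrably dynamic" ranges.
    print("\n".join(access_lines(["10.20.32.0/22", "192.0.2.128/30"])))
```

A block that does not fall on an octet boundary grows quickly (a /17 becomes 128 lines), which is the cost of the access file not understanding CIDR directly.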