Re: wish list: RBL processing on trusted Received IP addresses
From: Jim Seymour (jseymour LinxNet.com)
Date: Tue Sep 02 2003 - 06:55:57 CDT
<postfix-users-mail asthe.com> wrote:
>
[snip]
>
> It would be VERY helpful if I could give a list of trusted-clients:
>
> trusted-clients =
> hash:/etc/postfix/trusted-clients
>
> Whenever client (site sending my server EMail) is one of those
> 'trusted-clients', then a set of anti-spam processing is performed on the
> IP address that the trusted client placed into their Received: header.
[snip]
Nothing like this is available, natively, in Postfix. And for good
reason.
>
> I realize that the trusted_client_restrictions would occur only after
> the DATA/message was received, but that would still be a BIG help.
How, exactly? You can't reject it, once one of your "trusted sites"
has accepted it. If you do, it will be sent back to probably an
invalid sender.
>
> For example:
>
> * trusted MX sites
>
> If you trust your backup MX sites, you could add them to the
> trusted-clients list. You could then perform RBL blocking on
> IP address of the sites that sent you EMail through them.
First of all: A "backup MX" is almost completely worthless if all it's
doing is sending it along to your primary MX, as it usually does
nothing positive for you. The vast majority of mail servers on the
'net will hold an undeliverable email for 3-5 days anyway. Which is
probably as long as your "backup MX" will hold it.
Secondly: If you don't have complete control over your "backup MX" (it
appears you have none), so you can implement the same anti-spam stance
there as on your primary, all you accomplish is providing a very nice,
unlocked back door for spammers to abuse.
At work, I have a backup MX. But it's on completely different network
connectivity, *I* control it and it doesn't simply send it along to my
primary MX, but instead is connected to my LAN, so it can send things
along to the internal mail servers.
My home ISP automatically listed one of their mail servers as a backup
MX for my private domain. At first I thought "How thoughtful of
them." Then the spammers started exploiting such things. I devoted
some thought to it and quickly came to the conclusion that there was
no point to it. (Well, no *positive* points, anyway.)
>
> * trusted mailing forwarding sites
>
> You receive EMail on a site that forwards EMail to you (say via
> .forward or some other mechanism). You could then perform RBL blocking on
> IP address of the sites that send you EMail via this forwarding site.
No, you cannot "perform RBL blocking" in such a scenario. You could,
at best, perform email bouncing based on DNSbl lookups. Again: Bouncing
to the sender address will usually result in a bounce to the wrong
person. (I'm becoming so fed up with people doing this that I'm
beginning to consider just locally blocklisting such sites.)
Btw: "RBL" is a registered service mark of Mail Abuse Prevention
Systems, LLC. (MAPS). Please use DNSbl when referring to DNS-based
block-/black-lists.
>
> Has something like this been done? Is anyone interested in implementing
> (or helping implement) such a feature?
Not that *I* know of, and no, respectively.
--
Jim Seymour | PGP Public Key available at:
jseymour LinxNet.com | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com |
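
Added example, not part of the original message and not a Postfix feature: the lookup the quoted request describes, in Python, finding the address that handed the mail to a trusted relay and building the DNSbl query name for it. The relay list, the sample headers, the zone `dnsbl.example` and all function names are assumptions constructed for illustration.

```python
import email
import ipaddress
import re
import socket

# Constructed sample: hosts and addresses are documentation values.
TRUSTED_RELAYS = {"192.0.2.10"}  # e.g. a backup MX you control
SAMPLE = (
    "Received: from backup-mx.example.net (backup-mx.example.net [192.0.2.10])\n"
    "\tby primary.example.org (Postfix) with ESMTP id 4A1B2C\n"
    "Received: from sender.example.com (unknown [203.0.113.77])\n"
    "\tby backup-mx.example.net (Postfix) with ESMTP id 9F8E7D\n"
    "Received: from forged.example (forged.example [198.51.100.5])\n"
    "\tby sender.example.com with SMTP\n"
    "Subject: test\n\nbody\n"
)
IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def handoff_ip(raw_message, connecting_ip, trusted):
    """IP that handed the mail to the trusted relay chain, or None."""
    if connecting_ip not in trusted:
        return connecting_ip  # ordinary case: the SMTP client itself
    # Walk newest-first. A header is only believable while every client
    # seen so far is trusted, so stop at the first untrusted address:
    # everything below it was written by hosts we do not control.
    for header in email.message_from_string(raw_message).get_all("Received", []):
        m = IP_IN_BRACKETS.search(header)
        if not m:
            return None
        try:
            ip = str(ipaddress.IPv4Address(m.group(1)))
        except ValueError:
            return None  # e.g. [999.1.1.1]
        if ip not in trusted:
            return ip
    return None

def dnsbl_query_name(ip, zone="dnsbl.example"):
    """Reverse the octets and append the list's zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def dns_listed(name):
    try:
        socket.gethostbyname(name)  # any A record means "listed"
        return True
    except socket.gaierror:
        return False

def check(raw_message, connecting_ip, trusted, lookup=dns_listed):
    # The relay has already accepted the message by now, so the result
    # can only inform local handling, not an SMTP-time reject.
    ip = handoff_ip(raw_message, connecting_ip, trusted)
    return (ip, lookup(dnsbl_query_name(ip))) if ip else (None, False)
```
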