Re: Backscatter with forged return-path

From: mouss (moussml.netoyen.net)
Date: Wed Jan 28 2009 - 17:52:11 CST


Darren Pilgrim wrote:
> Paweł Leśniak wrote:
>> The worst is I also have ~500 IPs which I can't tell from logs
>> (sender, recipient, ip, helo)
>> whether I want those messages or not.
>
> They will filter themselves for you. Legitimate MTAs will retry dozens
> to hundreds of times in 24 hours; however, zombies will only try a few
> times--most only once or twice. If you run daily reports on your logs,
> the worst case is a 1-day delivery delay for a very small amount of
> legitimate email.

but if they still have a helo resolution dns, they will ultimately
bounce after 4/5 days, which is worse than a straight reject.
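
A sketch of the daily log report discussed in this thread, added here as an example and not part of either poster's message. It counts temp-rejected attempts per (sender, recipient, ip, helo) tuple and flags tuples that keep retrying long enough to risk the sender-side bounce raised in the reply. The log format, the sample records and all thresholds are constructed assumptions, not output from any particular MTA.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of temp-rejected attempts (not real MTA log output):
# timestamp, client IP, HELO, envelope sender, envelope recipient
SAMPLE = """\
2009-01-27T00:05:00 192.0.2.10 mail.example.org news@example.org user@example.net
2009-01-27T00:35:00 192.0.2.10 mail.example.org news@example.org user@example.net
2009-01-27T01:35:00 192.0.2.10 mail.example.org news@example.org user@example.net
2009-01-27T02:00:00 198.51.100.7 dsl-7.example.com x@example.com user@example.net
2009-01-24T09:00:00 203.0.113.5 mx.example.edu list@example.edu user@example.net
2009-01-25T09:00:00 203.0.113.5 mx.example.edu list@example.edu user@example.net
2009-01-28T09:00:00 203.0.113.5 mx.example.edu list@example.edu user@example.net
2009-01-28T11:00:00 198.51.100.9 host9.example.com y@example.com user@example.net
"""

def parse(text):
    """Yield (timestamp, (sender, recipient, ip, helo)) per well-formed line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # ignore malformed lines
        ts, ip, helo, sender, rcpt = parts
        yield datetime.fromisoformat(ts), (sender, rcpt, ip, helo)

def report(text, now, min_attempts=3, quiet=timedelta(hours=24),
           urgent_after=timedelta(days=3)):
    """Classify each tuple by retry behaviour; thresholds are assumptions."""
    seen = defaultdict(list)
    for ts, key in parse(text):
        seen[key].append(ts)
    result = {}
    for key, stamps in seen.items():
        first, last = min(stamps), max(stamps)
        if len(stamps) >= min_attempts:
            # Keeps retrying: decide before the sender's queue expires
            # and it bounces (the 4/5 days mentioned in the reply).
            old = now - first >= urgent_after
            result[key] = "retrying-urgent" if old else "retrying"
        elif now - last >= quiet:
            result[key] = "gave-up"      # one or two tries, then silence
        else:
            result[key] = "too-early"    # not enough history yet
    return result

if __name__ == "__main__":
    for key, verdict in report(SAMPLE, datetime(2009, 1, 28, 12)).items():
        print(verdict, *key)
```

Tuples marked `retrying-urgent` are the ones to whitelist or reject outright before the sending MTA gives up and bounces.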