Re: "Reject 'dynamic' Client Hostnames" option

New ideas and constructive comments go here.

Moderator: Moderators

Post Reply
kthomas
Posts: 22
Joined: Sun Aug 27, 2006 2:59 pm
Location: Germany

Re: "Reject 'dynamic' Client Hostnames" option

Post by kthomas »

Hi,

the new feature "Reject 'dynamic' Client Hostnames" option you announced recently seems to be great - I think it will filter out many mails.

You wrote:
>Advanced currently contains one additional pattern:
>bd
>
>We will add more patterns to advanced mode as we see them or as they
>are suggested to us.

In my first tests occured the following entry:
201.29.123.207 (123207.user.veloxzone.com.br)

That means "cd" without dot, maybe you want to add it to advanced mode. Or do you think that advanced filters with digits (but without dots) could filter too much ? Maybe it isn
kthomas
Posts: 22
Joined: Sun Aug 27, 2006 2:59 pm
Location: Germany

Post by kthomas »

in addition to this topic:

do you think hosts named 123-456-789-123.static.provider.tld should be rejected because of the same reason as dynamic addresses, or are they reputable and should be able to deliver mail ?
The hostname contains the same pattern as the above mentioned you are filtering, but addresses are static and maybe are used for normal mail or web servers.

Is there any way to filter dynamic addresses but accept mail from these static ones ?

Regards,
Karsten
RollerNetSupport
Site Admin
Posts: 598
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport »

Other than whitelisting IP addresses you want to get mail from that match the "dynamic" pattern, there's really no way to tell based on DNS information alone. It may say "static" in the dns, but I don't really think that's enough to be valid. I used to work for an ISP whose idea of "static" IP addresses was paying them extra $$ per month, but the address could change if they ran out of space in the pool - the so-called statics were the same pool as the dynamics. That seems kind of dynamic to me. Routing someone a block of addresses is less so. I'd certanly think someone with a routed block as less likely a spam source than someone with a "static" in a dynamic pool.

Most ISPs are willing to change the reverse lookup on an IP address (if it really is a static, or part of a business class account, for example) when there's a good enough reason to. I used to run a mail server off my SBC (now AT&T) DSL at home, and they would do reverse delegations if I asked. These days, I use rollernet to send mail. =) I started doing it because my computer in the hall closet was more reliable at sending mail than SBC was, and I suspect a lot of others fall into the same category as I do. But I got my reverse DNS changed since they were giving me a block of addresses on my account.

In my experience, "201.29.123.207 (123207.user.veloxzone.com.br)" is good enough to warrant a pattern in advanced mode. Anything two octets and above in a DNS lookup almost always indicate some kind of bulk DNS and dynamic host pool. Anyone wanting to legitimize their mail server should go to the effort of asking their ISP for a reverse delegation (or change it for them), use their ISP's smarthost, or get a smarthost service like ours if they don't like their ISP's mail service. (And in turn, we do police our users to make sure they don't send spam through our smarthost.) Much like the "Require successful PTR lookup on client IP" option and others in clients checks, this option is strongly encouraging proper DNS practice for legitimate mail hosts, and are quite effective at blocking spam-spewing viruses from people's home computers.
Technical Support support@rollernet.us
Roller Network LLC
kthomas
Posts: 22
Joined: Sun Aug 27, 2006 2:59 pm
Location: Germany

Post by kthomas »

Hi,
thank you for reply.

Yes, I agree - of course I set a correct host name and PTR entry for reverse lookup on my root server, but it seems not to be done by many people e.g. sending newsletters or order confirmations directly from their web server, as I noticed.
At the moment I am glad to be able to filter dynamic entries, but I
Post Reply