Hi,
the new feature "Reject 'dynamic' Client Hostnames" option you announced recently seems to be great - I think it will filter out many mails.
You wrote:
>Advanced currently contains one additional pattern:
>bd
>
>We will add more patterns to advanced mode as we see them or as they
>are suggested to us.
In my first tests occured the following entry:
201.29.123.207 (123207.user.veloxzone.com.br)
That means "cd" without dot, maybe you want to add it to advanced mode. Or do you think that advanced filters with digits (but without dots) could filter too much ? Maybe it isn
Re: "Reject 'dynamic' Client Hostnames" option
Moderator: Moderators
in addition to this topic:
do you think hosts named 123-456-789-123.static.provider.tld should be rejected because of the same reason as dynamic addresses, or are they reputable and should be able to deliver mail ?
The hostname contains the same pattern as the above mentioned you are filtering, but addresses are static and maybe are used for normal mail or web servers.
Is there any way to filter dynamic addresses but accept mail from these static ones ?
Regards,
Karsten
do you think hosts named 123-456-789-123.static.provider.tld should be rejected because of the same reason as dynamic addresses, or are they reputable and should be able to deliver mail ?
The hostname contains the same pattern as the above mentioned you are filtering, but addresses are static and maybe are used for normal mail or web servers.
Is there any way to filter dynamic addresses but accept mail from these static ones ?
Regards,
Karsten
-
RollerNetSupport
- Site Admin
- Posts: 598
- Joined: Wed Nov 17, 2004 10:05 pm
- Location: Nevada
- Contact:
Other than whitelisting IP addresses you want to get mail from that match the "dynamic" pattern, there's really no way to tell based on DNS information alone. It may say "static" in the dns, but I don't really think that's enough to be valid. I used to work for an ISP whose idea of "static" IP addresses was paying them extra $$ per month, but the address could change if they ran out of space in the pool - the so-called statics were the same pool as the dynamics. That seems kind of dynamic to me. Routing someone a block of addresses is less so. I'd certanly think someone with a routed block as less likely a spam source than someone with a "static" in a dynamic pool.
Most ISPs are willing to change the reverse lookup on an IP address (if it really is a static, or part of a business class account, for example) when there's a good enough reason to. I used to run a mail server off my SBC (now AT&T) DSL at home, and they would do reverse delegations if I asked. These days, I use rollernet to send mail. =) I started doing it because my computer in the hall closet was more reliable at sending mail than SBC was, and I suspect a lot of others fall into the same category as I do. But I got my reverse DNS changed since they were giving me a block of addresses on my account.
In my experience, "201.29.123.207 (123207.user.veloxzone.com.br)" is good enough to warrant a pattern in advanced mode. Anything two octets and above in a DNS lookup almost always indicate some kind of bulk DNS and dynamic host pool. Anyone wanting to legitimize their mail server should go to the effort of asking their ISP for a reverse delegation (or change it for them), use their ISP's smarthost, or get a smarthost service like ours if they don't like their ISP's mail service. (And in turn, we do police our users to make sure they don't send spam through our smarthost.) Much like the "Require successful PTR lookup on client IP" option and others in clients checks, this option is strongly encouraging proper DNS practice for legitimate mail hosts, and are quite effective at blocking spam-spewing viruses from people's home computers.
Most ISPs are willing to change the reverse lookup on an IP address (if it really is a static, or part of a business class account, for example) when there's a good enough reason to. I used to run a mail server off my SBC (now AT&T) DSL at home, and they would do reverse delegations if I asked. These days, I use rollernet to send mail. =) I started doing it because my computer in the hall closet was more reliable at sending mail than SBC was, and I suspect a lot of others fall into the same category as I do. But I got my reverse DNS changed since they were giving me a block of addresses on my account.
In my experience, "201.29.123.207 (123207.user.veloxzone.com.br)" is good enough to warrant a pattern in advanced mode. Anything two octets and above in a DNS lookup almost always indicate some kind of bulk DNS and dynamic host pool. Anyone wanting to legitimize their mail server should go to the effort of asking their ISP for a reverse delegation (or change it for them), use their ISP's smarthost, or get a smarthost service like ours if they don't like their ISP's mail service. (And in turn, we do police our users to make sure they don't send spam through our smarthost.) Much like the "Require successful PTR lookup on client IP" option and others in clients checks, this option is strongly encouraging proper DNS practice for legitimate mail hosts, and are quite effective at blocking spam-spewing viruses from people's home computers.
Technical Support support@rollernet.us
Roller Network LLC
Roller Network LLC
Hi,
thank you for reply.
Yes, I agree - of course I set a correct host name and PTR entry for reverse lookup on my root server, but it seems not to be done by many people e.g. sending newsletters or order confirmations directly from their web server, as I noticed.
At the moment I am glad to be able to filter dynamic entries, but I
thank you for reply.
Yes, I agree - of course I set a correct host name and PTR entry for reverse lookup on my root server, but it seems not to be done by many people e.g. sending newsletters or order confirmations directly from their web server, as I noticed.
At the moment I am glad to be able to filter dynamic entries, but I