From owner-freebsd-questions@FreeBSD.ORG Sun Mar 24 16:59:16 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id A55323E8 for ; Sun, 24 Mar 2013 16:59:16 +0000 (UTC) (envelope-from Lena@lena.kiev.ua) Received: from lena.kiev.ua (lena.kiev.ua [82.146.52.81]) by mx1.freebsd.org (Postfix) with ESMTP id 74AC26CD for ; Sun, 24 Mar 2013 16:59:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lena.kiev.ua; s=3; h=Content-Type:Mime-Version:Message-ID:Subject:To:From:Date; bh=HnM0RXDr1olA9E1jXK85LYeFhzi1SVBVXJXZCQoSLBA=; b=g5xEEFsPdW9JW0yYnMpKCVSIHASVSkaTqmjQKY4LfKNuhq0qbNXOahs/XWLCajZim+15l5dyc0vnMHQijpBkCEVkBDvBJDkOTQNA6nwzQ0+CamlWdaolS/0ortj1X1Y5ANJLVhqcvH9/5wOV9hq/TnDPGpc2xWM0HO7/P6wrRLw=; Received: from ip-384c.rusanovka-net.kiev.ua ([94.244.56.76] helo=bedside.lena.kiev.ua) by lena.kiev.ua with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.80.1 (FreeBSD)) (envelope-from ) id 1UJoGJ-000Jtc-9P for freebsd-questions@freebsd.org; Sun, 24 Mar 2013 18:59:16 +0200 Received: from bedside.lena.kiev.ua (localhost.lena.kiev.ua [127.0.0.1]) by bedside.lena.kiev.ua (8.14.6/8.14.5) with ESMTP id r2OGx9Zt003651 for ; Sun, 24 Mar 2013 18:59:09 +0200 (EET) (envelope-from Lena@lena.kiev.ua) Received: (from lena@localhost) by bedside.lena.kiev.ua (8.14.6/8.14.5/Submit) id r2OGx9P7003650 for freebsd-questions@freebsd.org; Sun, 24 Mar 2013 18:59:09 +0200 (EET) (envelope-from Lena@lena.kiev.ua) Date: Sun, 24 Mar 2013 18:59:09 +0200 From: Lena@lena.kiev.ua To: freebsd-questions@freebsd.org Subject: Re: Client Authentication Message-ID: <20130324165909.GC913@lena.kiev> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 16:59:16 -0000 > How about refusing to > relay mail from addresses in a good DNSBL? Bad idea. Legitimate users connecting from dynamic IP-addresses is normal. DNSBLs list a dynamic IP-address permanently or for long time after a zombied Windows spewed spam from it. Some DNSBLs warn about that explicitly, for example: http://www.spamhaus.org/zen/ | Caution: Because ZEN includes the XBL and PBL lists, do not use ZEN | on smarthosts or SMTP AUTH outbound servers for your own customers | (or you risk blocking your own customers).