Date: Wed, 26 Apr 2023 20:32:12 -0400 From: George Mitchell <george+freebsd@m5p.com> To: FreeBSD Hackers <freebsd-hackers@FreeBSD.org> Subject: Sendmail, /etc/mail/access, and spam "best practices" Message-ID: <ad9a6894-17ca-ab19-278c-9c18b435a9fc@m5p.com>
next in thread | raw e-mail | index | archive | help
In the hope that a significant number of readers of this message are in charge of email administration, may I ask for guidance on how aggressive you tend to be on using sendmail's /etc/mail/access feature to block email access to substantial portions of address space? I don't want to name any specific entities (corporate or political) as possible targets, but numerous owners of IPv4 /24 blocks, and some /16 blocks and even a few /12 blocks generate an inordinate percentage of the spam messages I have to handle. Right now, I will generally add the specific source of any single spam message to /etc/mail/access, and if I see even only two addresses in the same /24 block, I feel no compunction about blocking the whole /24. Obviously blocking a /16 or a /12 is much more problematic. Thank goodness for abuseat.org, with whose help I daily reject hundreds of messages, and still multiple others still go through. My /etc/mail/access is close to 20,000 entries at this point, though, and it sure is tempting to block some of those /16s, though. -- George
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ad9a6894-17ca-ab19-278c-9c18b435a9fc>