From owner-freebsd-chat  Wed Nov 26 10:01:06 1997
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id KAA05529
          for chat-outgoing; Wed, 26 Nov 1997 10:01:06 -0800 (PST)
          (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id KAA05507;
          Wed, 26 Nov 1997 10:00:51 -0800 (PST)
          (envelope-from mark@greenpeace.grondar.za)
Received: from greenpeace.grondar.za (Gm7WCtbcGqLLgClaRyQ7B6yaXtjUf7i3@greenpeace.grondar.za [196.7.18.132])
	by gratis.grondar.za (8.8.7/8.8.8) with ESMTP id UAA07578;
	Wed, 26 Nov 1997 20:00:39 +0200 (SAT)
	(envelope-from mark@greenpeace.grondar.za)
Received: from greenpeace.grondar.za (gRjP/VdW/cOIRB9ofhmGwkx5aQCZ3nQt@localhost [127.0.0.1])
	by greenpeace.grondar.za (8.8.8/8.8.8) with ESMTP id UAA01100;
	Wed, 26 Nov 1997 20:00:37 +0200 (SAST)
	(envelope-from mark@greenpeace.grondar.za)
Message-Id: <199711261800.UAA01100@greenpeace.grondar.za>
X-Mailer: exmh version 2.0zeta 7/24/97
To: "Jonathan M. Bresler" <jmb@FreeBSD.ORG>
cc: jkh@time.cdrom.com, grog@lemis.com, chat@hub.freebsd.org
Subject: Re: major push by spammers? 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 26 Nov 1997 20:00:36 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

"Jonathan M. Bresler" wrote:
> > The stuff in FreeBSD's sendmail rules workds well, no doubt about that, 
> > but it is not failsafe. If your DNS is a bit slow, you can lose mail.
> 
> 	hmm....not sure that i agree with you.
> 	if w are slow to resolve, the error code is 451, a temp error,
> 	meaning try again later.  the spammers databases dont use DNS.
> 	and RBL is failsafe.....so can you explain it to me?
> 
> 	i dont understand.

I'm looking at the rules again, and I'm confused. I have seen 
legitimate mail from freebsd/hub.freebsd.org being bounced with a 500 
code when DNS was ropey. I cannot figure out this happened from the 
rules I have. I'll go with mea culpa unless proven otherwise :-).

I meant:

The ruleset that I have (committed by Peter?) looks up the domain of 
incoming mail. if it does not check, the mail is rejected. If the DNS 
does not answer in time, the mail is bounced for the same reason.

Vixies RBL works in reverse; the spammer's IP is checked on connection. 
If the RBL resolves the IP (PTR-style) to 127.0.0.2 then the mail is 
rejected. If DNS fails, the mail is accepted by default.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org