From owner-freebsd-questions@FreeBSD.ORG Sun Mar 20 20:50:01 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 05CE616A4CE for ; Sun, 20 Mar 2005 20:50:01 +0000 (GMT) Received: from wonkity.com (wonkity.com [67.158.26.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7023243D1F for ; Sun, 20 Mar 2005 20:50:00 +0000 (GMT) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.13.3/8.13.1) with ESMTP id j2KKnvHe082428; Sun, 20 Mar 2005 13:49:57 -0700 (MST) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.13.3/8.13.1/Submit) with ESMTP id j2KKnvCq082425; Sun, 20 Mar 2005 13:49:57 -0700 (MST) (envelope-from wblock@wonkity.com) Date: Sun, 20 Mar 2005 13:49:57 -0700 (MST) From: Warren Block To: Christopher Nehren In-Reply-To: Message-ID: <20050320132153.J82328@wonkity.com> References: <1111335484.16385.2.camel@lmail.bathnetworks.co.uk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (wonkity.com [127.0.0.1]); Sun, 20 Mar 2005 13:49:57 -0700 (MST) cc: freebsd-questions@freebsd.org Subject: Re: Ebay Phishing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Mar 2005 20:50:01 -0000 On Sun, 20 Mar 2005, Christopher Nehren wrote: > On 2005-03-20, Warren Block scribbled these > curious markings: >> If you have your own mailserver, most of this can be rejected by using >> greylisting or by rejecting mail from dynamic Comcast IP addresses, >> while still allowing mail coming from Comcast's mail servers. > > Which is completely and totally unfair to those of us who *can* control > our networks and who are more than likely being blamed for things that > we aren't even doing (i.e. machines not on Comcast's network forging > headers). Spam from genuine Comcast dynamic IP addresses is a serious problem. If someone needs to receive email from Comcast dynamic addresses, greylisting has no more serious effect than delaying it by half an hour. And the mailservers that Comcast provides for dynamic IP users can be whitelisted, so for users who smarthost through those servers there will be no delay or inconvenience at all. (FreeBSD relevant: /usr/ports/mail/milter-greylist) > DNS blacklisting is one of the most unfair methods of stopping > spam. This is quite a jump from greylisting. I was thinking more of looking up the Comcast listings from blackholes.us and then adding them to /etc/mail/access. It depends on the severity of the problem. > It's a real pain in the neck for me to edit my Postfix > configuration every time some pissy netadmin decides to blacklist a > whole netblock because of one or two (ignorant) miscreants. What do you have to edit? If you're in Comcast dynamic space, why not just smarthost through their servers? -Warren Block * Rapid City, South Dakota USA