Re: Which Spam Block List to use for a network?
On Mon, Jun 21, 2004 at 12:46:01PM +0200, Francisco Borges wrote:
> ? On Sat, Jun 19, 2004 at 08:15:11AM +0000, Adam Funk wrote:
>
> > On Friday 18 June 2004 15:40, Francisco Borges wrote:
> >
> > > THE QUESTION:
> > >
> > > We need to use some form of Block List at the connection level,
> >
> > Whatever you do, don't be one of those ignorant, asinine admins who
> > block mail from all dynamic IPs.
>
> No, I don't intend to do that.
yeah, good decision. blocking mail from dynamic/dialup IP addresses is the
right thing to do, but it's much better to be an informed, intelligent and
suave admin who does that than an ignorant, asinine one (but that's true of
everything, isn't it?).
> Interestingly enough, *today* I got a note from a colleague has started doing
> it at his network.
smart colleague.
> I don't know the axact number by heart but we are above 1500 users here;
> blocking dynamic IPs would be a disaster.
permit your own dynamic/dialup IP addresses, same as you (should) do with other
restrictions (e.g. rejecting non-fqdn hostnames...good thing to block from
external sources, but not a good idea to block from your own users).
reject other dyn/dialups - they should use their own ISP or mail server.
in postfix, you do that by putting the "permit_mynetworks" rule *before* the
"reject_rbl_client ...." rule.
craig
--
craig sanders <cas@taz.net.au>
The next time you vote, remember that "Regime change begins at home"
Reply to: