Monday, 28. July 2003
With the month about to end, we are all set to break another record (full stats available Friday).
Known good mail now accounts for less than half of all email here. There has been an enormous rise in attempts to connect via SMTP from hosts known or suspected to be abusable proxy servers. Most of these come from a single, very large network in Germany.
For example, last Friday (why is it always Fridays?), we blocked 660 attempts to deliver mail here from only 27 hosts. Most of these hosts only tried once or twice, so that leaves a huge raft of abuse coming from a handful of sources (actually, just the one).
Have started blocking these things locally, using Domino's rather obscure and poorly documented wildcarded quasi domain literal syntax.
Example:
Listed in the Domino Server Configuration document, Router/SMTP / Restrictions and Controls / SMTP Inbound Controls tab, in the field "Deny connections from the following SMTP internet hostnames/IP addresses:". Multiple entries are delimited with ;
[192.168.0-31.*]
is the same as
CIDR: 192.168.0.0/19
This keeps the DNSBL DNS look-up activity down to a sensible level. No point in doing DNSBL look-ups on hosts we already know we don't like, so into the local blocks they go - my small contribution to the survival of the block lists.
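The bracketed notation from the example above can be generated from CIDR blocks rather than worked out by hand. The following is an added example, not code from the original post or from Domino; the function names are hypothetical, and it assumes Domino accepts a low-high range in any single octet and `*` for a whole octet, as in the entry shown above. The sample blocks are constructed.

```python
import ipaddress


def cidr_to_domino(cidr: str) -> str:
    """Render one IPv4 CIDR block in the bracketed wildcard/range form.

    A CIDR block always spans: fixed octets, at most one partially
    covered octet (a contiguous range), then fully covered octets.
    """
    # strict=True rejects blocks with host bits set (e.g. 192.168.5.0/19),
    # which would otherwise silently widen or shift the deny entry.
    net = ipaddress.IPv4Network(cidr, strict=True)
    first = net.network_address.packed
    last = net.broadcast_address.packed
    parts = []
    for lo, hi in zip(first, last):
        if lo == hi:
            parts.append(str(lo))        # octet fixed by the prefix
        elif lo == 0 and hi == 255:
            parts.append("*")            # octet fully covered
        else:
            parts.append(f"{lo}-{hi}")   # octet partially covered
    return "[" + ".".join(parts) + "]"


def deny_field(cidrs) -> str:
    """Build the ;-delimited field value from a list of CIDR blocks.

    Adjacent and overlapping blocks are merged first so the list
    stays as short as possible.
    """
    nets = [ipaddress.IPv4Network(c, strict=True) for c in cidrs]
    merged = ipaddress.collapse_addresses(nets)
    return ";".join(cidr_to_domino(str(n)) for n in merged)


if __name__ == "__main__":
    # Constructed sample input: two adjacent /20s plus a /8.
    print(deny_field(["192.168.16.0/20", "192.168.0.0/20", "10.0.0.0/8"]))
```
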
Category: Spam blocking rationale