[Gross] greylisting on reverse dns patterns
Jesse Thompson
jesse.thompson at doit.wisc.edu
Mon Apr 16 17:50:41 EEST 2007
Hi,
We're seeing an uptick in spam here. Gross is still blocking over 58%
(6% match) of the messages, but the increase in overall spam is becoming
more noticeable. I'm noticing that a lot of the spam is originating
from IP addresses that have a reverse dns record that indicates that the
IP is dynamically assigned. e.g. "pool" or "dynamic" or "dhcp"
Is there a more aggressive RBL that will list IPs that are on known
dynamic networks? Here is the list of RBLs that I'm currently using.
dnsbl = rbl-plus.mail-abuse.org
dnsbl = bl.spamcop.net
dnsbl = dnsbl.njabl.org
dnsbl = cbl.abuseat.org
dnsbl = dnsbl.sorbs.net
dnsbl = list.dsbl.org
dnsbl = multihop.dsbl.org
dnsbl = zen.spamhaus.org
What about adding a feature to Gross to match on the reverse dns of the
client_ip? I'm considering cracking open the source code and dusting
off my C reference to consider implementing this feature myself.
Jesse
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3304 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.utu.fi/pipermail/gross/attachments/20070416/6b11afe7/attachment.bin>
More information about the Gross
mailing list