[Gross] greylisting on reverse dns patterns
jesse.thompson at doit.wisc.edu
Mon Apr 16 17:50:41 EEST 2007
We're seeing an uptick in spam here. Gross is still blocking over 58%
(6% match) of the messages, but the increase in overall spam is becoming
more noticeable. I'm noticing that a lot of the spam is originating
from IP addresses that have a reverse dns record that indicates that the
IP is dynamically assigned. e.g. "pool" or "dynamic" or "dhcp"
Is there a more aggressive RBL that will list IPs that are on known
dynamic networks? Here is the list of RBLs that I'm currently using.
dnsbl = rbl-plus.mail-abuse.org
dnsbl = bl.spamcop.net
dnsbl = dnsbl.njabl.org
dnsbl = cbl.abuseat.org
dnsbl = dnsbl.sorbs.net
dnsbl = list.dsbl.org
dnsbl = multihop.dsbl.org
dnsbl = zen.spamhaus.org
What about adding a feature to Gross to match on the reverse dns of the
client_ip? I'm considering cracking open the source code and dusting
off my C reference to consider implementing this feature myself.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3304 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gross