EmailDiscussions.com - View Single Post

robmueller · 21 Feb 2007, 07:05 PM

I won't add isps to trusted hosts, since they are actually indirectly the source of most spam with their users on dsl networks with compromised machines.

Actually, that's all the trusted_hosts thing is about, allowing us to correctly scan back through Received headers that are NOT an ISP. In theory, about the only machines on RBLs should be:

1. Compromised machines on DSL/dialup lines (99%)
2. Compromised servers (1%)

It's silly using RBLs that block email sources with any legitimate mail (eg hotmail/yahoo/etc) even if they do send some spam, because you're just randomly blocking some machine and users. I think RBLs are best when they just block known insecure machines that should never be sending email.

I think having the per-user option is the best way to go in the long term, but I'm happy to add forwarders people use if they email me.

Rob

21 Feb 2007, 07:05 PM	#9
robmueller Intergalactic Postmaster Join Date: Oct 2001 Location: Melbourne, Australia Posts: 6,102 Representative of: Fastmail.FM	I won't add isps to trusted hosts, since they are actually indirectly the source of most spam with their users on dsl networks with compromised machines. Actually, that's all the trusted_hosts thing is about, allowing us to correctly scan back through Received headers that are NOT an ISP. In theory, about the only machines on RBLs should be: 1. Compromised machines on DSL/dialup lines (99%) 2. Compromised servers (1%) It's silly using RBLs that block email sources with any legitimate mail (eg hotmail/yahoo/etc) even if they do send some spam, because you're just randomly blocking some machine and users. I think RBLs are best when they just block known insecure machines that should never be sending email. I think having the per-user option is the best way to go in the long term, but I'm happy to add forwarders people use if they email me. Rob