Dynamic clients

classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

Dynamic clients

Rupert Gallagher
We reject e-mails from both dynamic and unknown domains, and feed the firewall with their CIDRs. The resulting blacklist includes 919 CIDRs, and keeps growing by itself. It is all automatic. I think ISPs should do this filtering, even if the EFF would scream like Donal Duck in favour of net neutrality. 
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Alex Regan
Hi,

On Tue, May 29, 2018 at 8:31 AM, Rupert Gallagher <[hidden email]> wrote:
> We reject e-mails from both dynamic and unknown domains, and feed the
> firewall with their CIDRs. The resulting blacklist includes 919 CIDRs, and
> keeps growing by itself. It is all automatic. I think ISPs should do this
> filtering, even if the EFF would scream like Donal Duck in favour of net
> neutrality.

How are you determining that an IP is dynamic? We're using a set of
postfix regexes but it's very dated now.

More details would be appreciated :-)
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Grant Taylor
In reply to this post by Rupert Gallagher
On 05/29/2018 06:31 AM, Rupert Gallagher wrote:
> We reject e-mails from both dynamic and unknown domains, and feed the
> firewall with their CIDRs. The resulting blacklist includes 919 CIDRs,
> and keeps growing by itself. It is all automatic. I think ISPs should do
> this filtering, even if the EFF would scream like Donal Duck in favour
> of net neutrality.

I thought it was considered best practice for ISPs to do egress SMTP and
NetBIOS filtering, and ideally ingress NetBIOS filtering.

I am okay with this being the default as long as it's well communicated
and there is a relatively easy way for subscribers to opt out of it.



--
Grant. . . .
unix || die


smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
In reply to this post by Rupert Gallagher
spam in the spamassassin list...

Sent from ProtonMail Mobile


On Tue, May 29, 2018 at 14:53, Reindl Harald <[hidden email]> wrote:
Am 29.05.2018 um 14:31 schrieb Rupert Gallagher: > We reject e-mails from both dynamic and unknown domains, and feed the > firewall with their CIDRs. The resulting blacklist includes 919 CIDRs, > and keeps growing by itself. It is all automatic. I think ISPs should do > this filtering, even if the EFF would scream like Donal Duck in favour > of net neutrality. and i think you are an idiot because nobody but you has an idea what a "dynamic domain" or "unknown domain" is in the context of an ISP which don't know about domains in the traffic at all
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
In reply to this post by Alex Regan
It is not rocket science, just tedious. 

Start rejecting the "unknowns", that is, IPs without an RDNS. They are not bound to any specific domain, but their helos and envelope from never fail pretending to be from places they do not belong. They are usually rejected by SPF, but why wasting cpu cycles? 

Next are the low-hanging fruits of dynamic domains, those that have "dynamic" in their name, thank you.

Next are those with "dhcp", "wifi", "mobile", and plenty more similar to the above. You just do not want to receive an e-mail from someone's exploited printer or a home router or anything that is just not meant as a post office you can respond to. 

Next in line are those with lots of numbers in their RDNS, usually the same numbers of their IP. 

We spent months herding those free-range animals... Catching them is tedious, because there is no standard that binds ISPs to just prefix all such domains with "dyn-". 


Sent from ProtonMail Mobile


On Tue, May 29, 2018 at 15:03, Alex <[hidden email]> wrote:
Hi, On Tue, May 29, 2018 at 8:31 AM, Rupert Gallagher wrote: > We reject e-mails from both dynamic and unknown domains, and feed the > firewall with their CIDRs. The resulting blacklist includes 919 CIDRs, and > keeps growing by itself. It is all automatic. I think ISPs should do this > filtering, even if the EFF would scream like Donal Duck in favour of net > neutrality. How are you determining that an IP is dynamic? We're using a set of postfix regexes but it's very dated now. More details would be appreciated :-)
Axb
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Axb
On 05/30/2018 12:50 AM, Rupert Gallagher wrote:
> We spent months herding those free-range animals... Catching them is tedious, because there is no standard that binds ISPs to just prefix all such domains with "dyn-".

which is why it's so efficient to use Spamhaus' PBL (included in Zen)

https://www.spamhaus.org/pbl/

and spend the gained time chasing waterfalls, unicorns and world peace.
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
You prefer the blind-fold solution: the Microsoft way where you click click and click again here and there and feel good that you have solved the problem. Unfortunately it does not work that way. We blacklisted Microsoft IPs without RDNS, out of evidence, while Zen has them whitelisted out of nowhere, for example.

Sent from ProtonMail Mobile


On Wed, May 30, 2018 at 06:06, Axb <[hidden email]> wrote:
On 05/30/2018 12:50 AM, Rupert Gallagher wrote: > We spent months herding those free-range animals... Catching them is tedious, because there is no standard that binds ISPs to just prefix all such domains with "dyn-". which is why it's so efficient to use Spamhaus' PBL (included in Zen) https://www.spamhaus.org/pbl/ and spend the gained time chasing waterfalls, unicorns and world peace.
Axb
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Axb
On 05/30/2018 07:59 AM, Rupert Gallagher wrote:
> You prefer the blind-fold solution: the Microsoft way where you click click and click again here and there and feel good that you have solved the problem. Unfortunately it does not work that way. We blacklisted Microsoft IPs without RDNS, out of evidence, while Zen has them whitelisted out of nowhere, for example.

because those IPs had no rdns they were tempfailed with a 450.
If your user base doesn't care about missed mail, mine got quite loud
due to these temp rejects.

I opted to be one of the many who informed MS backchannels that they had
a problem.

Also, if I discover an IP range which qualifies for PBL, I take the time
to research thoroughly and submit to my Spamhaus contacts. That helps me
and others...
But then, who am I to know.... (only being doing this since 1997)

> Sent from ProtonMail Mobile
>
> On Wed, May 30, 2018 at 06:06, Axb <[hidden email]> wrote:
>
>> On 05/30/2018 12:50 AM, Rupert Gallagher wrote: > We spent months herding those free-range animals... Catching them is tedious, because there is no standard that binds ISPs to just prefix all such domains with "dyn-". which is why it's so efficient to use Spamhaus' PBL (included in Zen) https://www.spamhaus.org/pbl/ and spend the gained time chasing waterfalls, unicorns and world peace.

Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
What happens when your coitus with Spamhaus is interrupted by a man in the middle? I mean someone that either cuts your link or plays the role of your partner while delivering poisoned answers? Good luck...
Axb
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Axb
On 05/30/2018 02:35 PM, Rupert Gallagher wrote:
> What happens when your coitus with Spamhaus is interrupted by a man
> in the middle? I mean someone that either cuts your link or plays the
> role of your partner while delivering poisoned answers? Good luck...
>

doesn't happen. I only use lists which I can mirror locally and with
reliable monitoring in case a zone file goes haywire.
This comes with a cost which my customers are happy to cover.
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
Good job. 

How much do you pay for it?


On Wed, May 30, 2018 at 16:42, Axb <[hidden email]> wrote:
On 05/30/2018 02:35 PM, Rupert Gallagher wrote: > What happens when your coitus with Spamhaus is interrupted by a man > in the middle? I mean someone that either cuts your link or plays the > role of your partner while delivering poisoned answers? Good luck... > doesn't happen. I only use lists which I can mirror locally and with reliable monitoring in case a zone file goes haywire. This comes with a cost which my customers are happy to cover.
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

@lbutlr
On 31 May 2018, at 01:52, Rupert Gallagher <[hidden email]> wrote:
> How much do you pay for it?

Someone has a stiff piece of cellulose in a downward facing bodily orifice about spamhaus, it appears.

--
Mirrors contain infinity. Infinity contains more things than you think.
Everything, for a start. Including hunger. Because there's a million
billion images, but only one soul to go around. --Witches Abroad

Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Rupert Gallagher
Stiff piece of shit, dumped long ago. 

Sent from ProtonMail Mobile


On Fri, Jun 1, 2018 at 08:05, @lbutlr <[hidden email]> wrote:
On 31 May 2018, at 01:52, Rupert Gallagher wrote: > How much do you pay for it? Someone has a stiff piece of cellulose in a downward facing bodily orifice about spamhaus, it appears. -- Mirrors contain infinity. Infinity contains more things than you think. Everything, for a start. Including hunger. Because there's a million billion images, but only one soul to go around. --Witches Abroad
Reply | Threaded
Open this post in threaded view
|

Re: Dynamic clients

Kevin A. McGrail-5
Can we drop the conversation off list that is more fitting of a teenage chat room, please?