[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] *****SPAM***** Tuerkei in die EU



Rainer Duffner wrote:

Hi Andreas,

to the contrary.
Why would a dynamic IP need to talk to my mailserver directly?

IPs themselves are not dynamic, maybe the client gets some sort of a "lease" for a period of time.... but the address is always the same ;-)
Are you really sure that the machine "behind" that number REALLY change?

It's a zombie with almost 100% probability (and the rest are clueless idiots or broken software).
10-20% of my RBL-hits are dynamic ips.

I am not sure if I fall within the 100% probability of being zombie or being a clueless idiot... (I think I am not broken software) In my country, Uruguay, the National Telephone Operator (ANTEL / ANTELDATA) sells fixed IPs within blocks of dynamic addresses and/or domainnames (.com.uy) without a reverse resolution. We have been able to make them change the reverse DNS in some cases and in other not (answer: "technical reasons"). Sometimes you simply believe it is a dynamic IP, but really it is a responsible site well administered but with an operator that might need to provide a better service.
You think it is "dynamic" because you get a

   r200-40-yyy-xxx.adinet.com.uy.

after a "dig -x" but maybe the address has been allocated for the same customer for several years, without any spam incident, without even being an open relay.... not even a single problem...

The first Sober.Q that hit my mailbox came right through this mailinglist (and then some through the Squirrelmail-list). I didn't get a single one directly.

I am sure that if you only allow mail from your own host you will be even safer!

Remember that until IPv6 happens, many countries don't have enough addresses to provide such an "ordered" and "neat" addressing scheme that meet your high-standards. But let me tell you that such a policy (I am not refering to you particularly but to all those who use it) is quite segregationist, as you are banning people out without being even taking care of it!

If you oversimplify things you tend to do this kind of mistakes.
I am not taking it personal that you call me zombie or clueless idiot..... but I would appreciate that you re-consider your security rules, in a way that support and promote the "free speech" and universal access that Internet shall provide to all of us.

Best regards

Ariel "clueless idiot"

cheers,
Rainer



--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here