[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] *****SPAM***** Tuerkei in die EU
Rainer Duffner wrote:
to the contrary.
Why would a dynamic IP need to talk to my mailserver directly?
IPs themselves are not dynamic, maybe the client gets some sort of a
"lease" for a period of time.... but the address is always the same ;-)
Are you really sure that the machine "behind" that number REALLY change?
It's a zombie with almost 100% probability (and the rest are clueless
idiots or broken software).
10-20% of my RBL-hits are dynamic ips.
I am not sure if I fall within the 100% probability of being zombie or
being a clueless idiot... (I think I am not broken software)
In my country, Uruguay, the National Telephone Operator (ANTEL /
ANTELDATA) sells fixed IPs within blocks of dynamic addresses and/or
domainnames (.com.uy) without a reverse resolution. We have been able to
make them change the reverse DNS in some cases and in other not (answer:
Sometimes you simply believe it is a dynamic IP, but really it is a
responsible site well administered but with an operator that might need
to provide a better service.
You think it is "dynamic" because you get a
after a "dig -x" but maybe the address has been allocated for the same
customer for several years, without any spam incident, without even
being an open relay.... not even a single problem...
The first Sober.Q that hit my mailbox came right through this
mailinglist (and then some through the Squirrelmail-list). I didn't
get a single one directly.
I am sure that if you only allow mail from your own host you will be
Remember that until IPv6 happens, many countries don't have enough
addresses to provide such an "ordered" and "neat" addressing scheme that
meet your high-standards.
But let me tell you that such a policy (I am not refering to you
particularly but to all those who use it) is quite segregationist, as
you are banning people out without being even taking care of it!
If you oversimplify things you tend to do this kind of mistakes.
I am not taking it personal that you call me zombie or clueless
idiot..... but I would appreciate that you re-consider your security
rules, in a way that support and promote the "free speech" and universal
access that Internet shall provide to all of us.
Ariel "clueless idiot"
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here