[17877] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

RE: {nanog} RBL Update (Re: Lets go vixie!! rbl)

daemon@ATHENA.MIT.EDU (Jason Fesler)
Tue Jun 16 12:47:41 1998

From: "Jason Fesler" <jfesler@calweb.com>
To: <nanog@merit.edu>
Date: Tue, 16 Jun 1998 09:37:54 -0700
In-Reply-To: <v0300780db1ab851fc82b@[198.3.136.121]>

Dean Anderson wrote:
> Seriously Paul, I would like to have some kind of announcement made on
> Nanog before you do that again, so that people can tell you not to do it.
> Breaking a large service provider is definitely an operational issue.  How

I'm suprised that people haven't done a  better job at building better
SMTP filters.. Unfortunately what I wrote was on company time, so I can't
release it (grrrrrr), but I definately have the flexability to do stuff
like this (indeed, this isn't the first time MSN mail was blocked, and
I was not  affected by Vixie's decisions):

+ :rbl:true * * 550 You are on Vixie's list, see ...  [macros to generate
http address] or contact postmaster@calweb.com to override the RBL.

+ any:msn.com any:msn.com * 250 Permit MSN's machines to send MSN-originated
email

I'm not sure how easy/hard it would be to maintain *sendmail* that way..
However,
as a seperate process, there isn't that much overhead on what I'm currently
running to make intelligent  decisions following a list of rules, that do
things like override MSN-originated email (we still refuse
151251@34581235.com from MSN boxes), to require juno.com email actually come
from juno.com email servers, and other silly tricks.   I get 1-2 emails a
week  for individuals that get caught by the frontend that are  legimate,
which get immediately put into the rulesets.  Anyone who can read the bounce
message, is by definition from a  valid email address..










home help back first fref pref prev next nref lref last post