> Personally, I block SMTP connections based on the zen.spamhaus.org blacklist. It's not a dynamic IP blacklist, but rather a combination of a few conventional blacklists. I've found it to be extremely reliable in terms of not producing false positives, and in terms of blocking an enormous amount of spam with very minimal resource impact.
I've been very unhappy with them in the past (blacklists in general).
My policy has always been to accept all messages, which produces an
audit trail; even if I greylist or 5xx a spam message I keep a local
copy. The lack of auditability is the main reason I've stayed away
from blocking at the MTA level.
Since the tide is changing, I'm looking for the least intrusive
method. I think just blocking dynamic addresses will do the trick -
and with more and more ISP blocking port 25 soon it will be a moot
point.
Received on Thu Oct 4 10:44:20 2007
This archive was generated by hypermail 2.1.8 : Thu Oct 04 2007 - 10:44:24 CST