smtp server test?

Vlad Mazek vlad at MAZEK.COM
Wed Mar 16 14:46:56 GMT 2005


    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

While I agree with the majority of the replies on this thread, our
statistics indicate that the majority of dangerous content that gets
directly relayed to our servers comes from machines with no reverse dns
at all (drop connection) or consumer-grade connections (cable, dsl).

Try running statistics on your server to find out exactly where your
spam is coming from. On ExchangeDefender, 61.7% of dropped connections
came from hosts with no reverse dns, 22.6% came from dialup/cable/dsl.
That means that out of all the mail we received, 84.3% was from the
people that either shouldn't be running a mail server at all or are
hardly competent to even run DNS.

Try checking where most your spam comes from before you invest the time
to solve the problem that doesn't exist. On my list of priorities for
this week is to write filters that quarantine mail from domains that
have been registered in the past 7 days. Every week we get a TON of
hosts with .biz/.info tld that relay exactly 250 messages each. They
never trigger a score high enough for adaptive RBL's to pick them up.

-Vlad Mazek
ExchangeDefender.com

>
>This would also help eliminate those pesky mailservers that bypass MX
>lookups and go straight to the domain ip.   Usually virus or spam.
>
>
>

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list