IP address reputation, BorderWare

Kevin Miller Kevin_Miller at ci.juneau.ak.us
Thu Mar 22 23:31:02 CET 2007


Chris Yuzik wrote:
> Hi Everyone,
> 
> While this is slightly off topic, it's likely of interest to most of
> us here.
snip
> 
> What do you guys (and gals) think?

You don't say what milter you're using, but I went to the test site
mentioned and came up neutral.  They didn't have any info on me at all.
I'm running sendmail and smf-sav.  Maybe your milter version is doing
something other than mine?

I think something is askew however.  If you're dropping 87% of inbound
mail and borderware is aware of virtually all of it, that implies that
pretty much everybody that sends you mail is using a borderware
applience, or virtually all the spoofed addresses are to borderware
protected networks, and that virtually all the drops are due to invalid
senders.  I have a hard time believing that.  An awful lot of my
connections are dropped based on invalid forged from, but an awful lot
of them are also based on valid forged froms, and directed to invalid
recipients in my domain.

That said, if this is what Borderware is doing, we can only hope they
don't start autoreporting to the RBLs...

...Kevin
-- 
Kevin Miller                Registered Linux User No: 307357
CBJ MIS Dept.               Network Systems Admin., Mail Admin.
155 South Seward Street     ph: (907) 586-0242
Juneau, Alaska 99801        fax: (907 586-4500


More information about the MailScanner mailing list