New? behavior og rbl's

Alex Broens ms-list at
Thu Sep 22 17:16:19 IST 2011

On 2011-09-22 18:02, Scott Silva wrote:
> on 9/22/2011 7:40 AM Jonas spake the following:
>> Hmm ok maybe I was a sleep the past year or so but when did the below
>> become normal policy???
>> Basically the conclusion is if you have a pc infected with a virus
>> that's not email related and or at least is unable to send out spam
>> because of firewall blocks or similar, you are still blocked in a
>> spamfilter for having the same WAN ip?
>> Not only have I not seen this before but it seems like a huge jump in
>> what a normal SMTP RBL list is supposed to do...
>> Anybody else have any thought on the matter?
>> Med venlig hilsen / Best regards
> All the RBL's have is the public facing address that the crap goes out
> on... One bad apple does spoil the whole bunch...

Which translated means:
- put your MTAs on dedicated IP/s and do not share with gateway.
- setup log watching/alerts
- If you're corporate/Exchange don't allow OWA without being VPN'd or at 
least use a non standard port.
- block port 25 outbound for all behind the gateway which is not an MTA 
(your MTA is on dedicated IP)
- use outbound rating to minimize possible blasts.


More information about the MailScanner mailing list