ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild)

2003-09-08 12:08:15
from [Steven F Siirila] [Permanent Link] 
On Sun, Aug 31, 2003 at 03:49:24AM +0200, Brad Knowles wrote:

At 8:04 PM -0500 2003/08/30, Steven F Siirila wrote:


We have seen about 1,200,000 different IP addresses connecting to us in 
the
past six months and we block about 1,000,000 SMTP connections on our MX
servers every week on average.  What other stats would be of interest?


      What's your breakdown of why those connections are blocked?  How 
many unique blocks are due to which blacklist?  How many unique 
blocks are from lack of rDNS?  How many unique blocks are there by 
domain-based blacklist?  How many unique blocks are there due to 
other techniques?


I won't break down on a per-DNSbl basis, but here's some data for the past week:

Insecure server   342,122       (79,449 unique -- blocked ONLY for this reason)
Known spam src    351,648       (288,234 unique)
rDNS blocks       591,570       (378,792 unique)
Dynamic IP addr 1,095,792       (950,424 unique)

Total blocked   2,048,523


      I assume that once you have a positive response on one of those 
checks, you reject the connection and you don't bother trying the 
other checks as well.  Could you re-process your data to apply all 
checks to all IP address/envelope sender/recipient combinations, to 
see where certain blocks might overlap?

-- 
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) 
R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


-- 

Steven F. Siirila                       Office: Lind Hall, Room 130B
Internet Services                       E-mail: sfs(_at_)umn(_dot_)edu
Office of Information Technology        Voice: (612) 626-0244
University of Minnesota

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] 7. Best Practices - DNSBLs - Article, Brad Knowles
Next by Date:  Re: [Asrg] 7. Best Practices - DNSBLs - Article, Peter J. Holzer
Previous by Thread:  Re: 7. BCP - Mail Administrators: Checking HELO (was: [Asrg] 0. General - Administrative - for M. Wild), Steven F Siirila
Next by Thread:  [Asrg] Re: 7. BCP - Mail Administrators: Checking HELO, Chris Lewis
Indexes:  [Date] [Thread] [Top] [All Lists]