ietf-smtp

Re: [ietf-smtp] test for port 25 of sending MTA - for spam detection

2013-08-23 12:18:46
On Fri, Aug 23, 2013 at 09:23:31AM -0700, Ned Freed wrote:
On Fri, 23 Aug 2013, keld wrote:
The idea was to use it as a check in addition to DNSBL etc.

The advantage over DNSBL is that for DNSBL you first need to register
the offending site with DNSBL.

Not necessarily. See for instance http://www.spamhaus.org/pbl/

FWIW, I just checked the sending IP addresses of a bunch of spam emails that
weren't listed at Spamhaus ZEN at time of delivery. A significant minority
of them (~ 40%) was listening on port 25.

At the same time, several IP addresses that were sending legitimate email
weren't.

This is actually very common, and the larger the provider the more likely
it's going to be. Large providers use different systems for inbound versus
outbound versus submission versus AS/AV. Separation of function makes all
sorts of sense when you're talking about deployments with hundreds or even
thousands of individual systems.

Yes I understand that large organisations have separate receiving and sending
MTAs.
As they are large, they can probably be identified in some way.
Maybe by the block owner of the IP address. Or some reverse lookup.
I do recognise that this is probably the hard part.
A DNSWL (DNS White List ala DNSBL) would probably be a part of the system.

I am not talking about sender address verification, but rather
something like sender MTA verification.
And I did not want to see if the MTA is SMTP compliant, I just want to
see if port 25 is open, a ping would do.

Oh, I see there is dnswl.org. So simple solution: Ping sender IP, if Open then
OK, if not then ask dnswl.org. Would that do it? Has it been done?

Best regards
keld
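
Added example, not part of the original message or of any poster's code: a Python sketch of the check proposed above (port 25 open, otherwise a DNSWL lookup), run over a constructed sample that mirrors the two objections raised earlier in the thread. The `list.dnswl.org` zone, the 127.0.x.y "listed" answer format, the function names and the sample addresses (documentation ranges) are assumptions; IPv4 only.

```python
import ipaddress
import socket

DNSWL_ZONE = "list.dnswl.org"  # assumed query zone for dnswl.org

def port25_open(ip, timeout=5.0):
    """The 'ping': True if a TCP connection to port 25 is accepted."""
    try:
        with socket.create_connection((ip, 25), timeout=timeout):
            return True
    except OSError:
        return False

def dnswl_query_name(ip, zone=DNSWL_ZONE):
    """DNSxL convention: reversed IPv4 octets prepended to the list zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on non-IPv4 input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def dnswl_listed(ip, resolve=socket.gethostbyname):
    """Listed if the name resolves to 127.0.x.y; NXDOMAIN or error = not listed."""
    try:
        return resolve(dnswl_query_name(ip)).startswith("127.0.")
    except OSError:
        return False

def classify_sender(ip, probe=port25_open, listed=dnswl_listed):
    """Decision order from the message: port check first, DNSWL as fallback."""
    if probe(ip):
        return "ok-port25"
    return "ok-dnswl" if listed(ip) else "suspect"

# Constructed sample: (ip, is_spam, port25_open, on_dnswl).
SAMPLE = [
    ("192.0.2.10", True, True, False),     # spam source that listens on 25
    ("192.0.2.11", True, False, False),    # spam source, port closed
    ("198.51.100.5", False, False, True),  # outbound-only relay, whitelisted
    ("203.0.113.7", False, False, False),  # outbound-only relay, not whitelisted
    ("203.0.113.8", False, True, False),   # small site, one MTA for both roles
]

def evaluate(sample=SAMPLE):
    """Apply classify_sender with stubbed probes; return verdicts and both error lists."""
    facts = {ip: (is_open, wl) for ip, _, is_open, wl in sample}
    verdicts = {ip: classify_sender(ip, lambda i: facts[i][0], lambda i: facts[i][1])
                for ip in facts}
    missed_spam = [ip for ip, spam, *_ in sample if spam and verdicts[ip] != "suspect"]
    flagged_ham = [ip for ip, spam, *_ in sample if not spam and verdicts[ip] == "suspect"]
    return verdicts, missed_spam, flagged_ham

if __name__ == "__main__":
    print(evaluate())
```

On the sample, the spam source listening on port 25 passes and the unlisted outbound-only relay is flagged, so the result is better treated as one scoring input alongside DNSBL data than as an accept/reject test.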