* Carlos E. R.; <robin1.listas@tiscali.es> on 05 Dec, 2003 wrote:
The Thursday 2003-12-04 at 08:20 +0100, Togan Muftuoglu wrote:
about clock not being set properly. It is being asked quite frequently. Just mention it if you want modifications or additions.
Ok I will have a look at the thread
It is possible that there is something wrong in the boot.clock script for SuSE 9.0, but as I haven't updated I can not check (8.2 here). I doubt it, but it is funny there are so many people complaining - but it could be new users trying to adjust the clock incorrectly, as has been typical for a long time ;-)
I have not upgraded yet the box sits on the shelve for a long time :-)
I can understand it. Not every provider provides the reverse entry and even if they do the ip could be in the blacklists as well. Yet like many people I have to cut down the spam as much as I can sometimes it does cut legitimate mail as well, like yours :-(
I have friends with adsl and fixed IP with a .org domain name; but as the IP belongs to the provider, reverse lookup resolves to a name like n*.n*.n*.pool.provider or something similar, the same as for a dynamic IP address. It is an unsolvable problem, even for small businesses.
Currently postfix is only checking if you have reverse address if yes then then next protection is in in effect. It is not looking if your reverse is what you are claiming to be. However it is a solvable problem depending on your ISP's willingness to work with you. Back in Turkey I could not have it done, I was using the national Telecom's dsl service., however in Germany my ISP (knock the wood as they are the best thing I have encountered in Germany so far in terms of customer service) delegated the reverse addresses to may domain so with a /29 block I have full control of the IP's and the domain :-) Long live Kamp-dsl
It should be possible to find some better way of rejecting spam...
Could be yet I do not have the time to play with it right now. I have to finish moving in a I write this we still do not have a wardrobe and trying to pick things to wear out the cartoons is no fun believe me
For example, an idea. Set up a filter, with spamassassin. Parse received spam, and block all email coming from that origin (from address and IP number), say for a day or two. The first email passes through, but not the second.
That is difficult as I receive tons of email from various countries and so does my wife
Another idea - this I think exists commercially - when an email from a not whitelisted name comes, it is answered by a robot, requesting an answer; ie, it is a challenge/response setup. When the answer is received, the name is added to the whitelist list, and the original email is forwarded to the recipient.
This idea IMO creates for spam then stoppping it
A third idea: I think that instead of directly rejecting email based on the IP, this should simply add to a negative score (maybe in SpammAssassin). If the remitent is whitelisted, or, say, has a valid pgp signature, it receives a positive score and goes on. This could be combined to create a dynamic blacklist as well.
I think I will stick to what I have for some time at least till I finish unpacking. Thanks for the ideas they are appreciated -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://susefaq.sf.net