Deny MX queries for dynamic IP pools

[Wael Shaheen]

Hi,


On 1/31/10 5:28 PM, "Sten Carlsen" <stenc at s-carlsen.dk> wrote:

> To me this seems to be a firewall/routing issue. If you know for sure
> that some IP is sending spam, if you can not stop them, then at least
> you can block their outgoing access to port 25.

Most of the RBLs list dynamic IP addresses for they should not be sending
emails whatsoever in most cases. Identifying the the origin of the spam in
huge networks with thousands of compromised machines is not an easy task and
blocking the port 25 based on that network analysis will produce false
positives for these are dynamically assigned IP addresses and will change
with every time the user connects.

> 
> Alternatively and maybe better arrange for a proxy server to do
> filtering and discard spam. The proxy solution is actually used many
> places and works reasonably well also for non-spammers.

The email proxy can work in many places but I am not sure it would in a DSP,
or a big ISP.
If you want to cope with the email volume that is being generated by
hundreds of thousands of clients then you will need to build a monster
solution. Not only that, you also may cause your users legitimate emails to
be rejected or flagged as SPAM for they will be sent from a destination
other than their email server.

Regards,
Wael