nobaloney
NoBaloney Internet Svcs - In Memoriam †
The first beta release of SpamBlocker3, dated 23 December 2006, has a potential bug.
Note these lines:
The above lines are undocumented a commented out.
The purpose of the above ACL is to thwart spammers who send to high-cost (low-priority) MX servers hoping to find it easier to get through on backup email servers.
The implementation is easy; you simply use a fake MX record, say cost 100 (instead of 10), to an IP# that you won't ever use to accept email. Since only spammers will use this MX record as long as other records are available, you can scrape the IP#s that try this connection (as long as your lower cost MX server is available) to put into blocklists.
We don't recommend using it, and by itself all it does is put a warning into the logs.
But if you uncomment it and don't put a line with only the one word accept immediately after it, by default you'll block everything.
Jeff
Note these lines:
Code:
# SKIP MX ACL used at connect time:
# IF YOU USE OTHER THAN MAIN IP# FOR MX INSERT MAIN IP# TO
# TO REPLACE PLACEHOLDER, AND UNCOMMENT THIS SECTION
# check_connect:
# defer log_message = Spammer Connected to fake MX record
# condition = ${if match{$interface_address}{(XX.XX.XX.XX)}{true}{false}}The purpose of the above ACL is to thwart spammers who send to high-cost (low-priority) MX servers hoping to find it easier to get through on backup email servers.
The implementation is easy; you simply use a fake MX record, say cost 100 (instead of 10), to an IP# that you won't ever use to accept email. Since only spammers will use this MX record as long as other records are available, you can scrape the IP#s that try this connection (as long as your lower cost MX server is available) to put into blocklists.
We don't recommend using it, and by itself all it does is put a warning into the logs.
But if you uncomment it and don't put a line with only the one word accept immediately after it, by default you'll block everything.
Jeff
.