On Fri, Apr 04, 2008 at 09:42:01AM +0100, Wayne Stallwood wrote:
* On Fri, 2008-04-04 at 08:24 +0100, Mark Rogers wrote:Now that we have cleared the problem their IP address has been removed from the blacklists, although that's not a problem now as we configured their mail server (Exchange - horrible thing) to send via the ISP's smart host.
This got me thinking: Are there any voluntary blocklists where you can subscribe IPs that should never send any email, and so any email from that IP should be assumed to be spam?
I wouldn't do that
Some spam filters look through the session transcript and block a message if *any* IP address or host mentioned in it is blacklisted not just the last relay. So for example using this message as an example when it says
Received: from 87-127-158-124.no-dns-yet.enta.net ([87.127.158.124] helo=msl-office.co.uk
Even though you are using the.earth.li as a relay it will get blocked if 87.127.158.124 is blacklisted.
I think you'll find that the list is hosted on the.earth.li rather than Mark using that host as a relay. And your mistake is a perfect example of why you should only use the last hop (which the receiving mail server can verify) when scanning headers for hosts to reject on.
Mind you I don't think there are any decent RBLs out there these days.
J.