[hashcash] blacklist to Brown list conversion
- From: "Eric S. Johansson" <esj@xxxxxxxxxx>
- To: hashcash@xxxxxxxxxxxxx
- Date: Sat, 13 Jan 2007 22:23:18 -0500
one features that put into twopenny blue is a way of by passing
blacklists. The reason this is important is because of what happened to
a customer of mine.
A few days ago, they were put on the CBL blacklist. I help them with
all the usual things in terms of checking for Trojans etc.. I put rules
in the firewall to prevent anything except the mail servers from sending
SMTP traffic outbound. But still, the problem persisted and they
couldn't get unlisted until about an hour ago. In the meantime, they
were severely hampered because they couldn't send e-mail to their customers.
What triggered this was a dedicated server for tracking produce orders.
One of the vendor administrators blasted off about 20 or 30 test
messages to his gmail account. Unfortunately, the MTA was configured to
send localhost.localdomain as part of the helo sequence and, you guessed
it, it triggered automatic blacklisting. We are burning the net in
order to save it.
So, how can we prevent this kind of damage. How can one continue to
operate while one is trying to stop the erroneous blacklist? there is a
Brown list feature in twopenny blue but I would like to hear if folks
have an idea for how to handle blacklist bypasses automatically without
forcing folks to replace entire chunks of their infrastructure.
---eric
- Follow-Ups:
- [hashcash] Re: blacklist to Brown list conversion
- From: Simon Bohlin
Other related posts:
- » [hashcash] blacklist to Brown list conversion
- » [hashcash] Re: blacklist to Brown list conversion
- » [hashcash] Re: blacklist to Brown list conversion
- » [hashcash] Re: blacklist to Brown list conversion
- [hashcash] Re: blacklist to Brown list conversion
- From: Simon Bohlin