Milter-greylist

> Benoit Branciard <benoit.branciard@...> wrote:
>
>> - sender MX validity : the idea is to able to identify sender domains
>> whose MX is "bad", ie points to at least one IP pertaining to an
>> IANA-reserved block : loopback, private use, multicast, broadcast,
>> testing, link-local, and so on (see
>> http://www.faqs.org/rfcs/rfc3330.html).
>
> Perhaps we could perform a lookup of the MX address against a DNSRBL,
> and build a DNSRBL of IANA-reserved block? It would make updates a bit
> easier.

You mean like the widely available and maintained bogons list? The one
that lists the networks which are currently not assigned.

It already exists.

> The only problem is the case of domains with multiple MX, one of them
> being bad. How should we handle that?

I would ignore single bad records. The terms rbl, isps and accidents seem
to cross my mind. As in a whole ISP being blocked from sending or
receiving mail because a signle system ended up on a RBL.

I have seen this recurring on a number of cases here in the Netherlands
where a mail server from a ISP were tagged on a RBL because of dubious
reasons. This can have a very disruptive effect to email delivery.

A good compromise would be a balance. If there are more "bad" MX records
(rbl or other) then good MX records available greylist or blacklist.

e.g. where bad MX records > 0.5 good records.
racl mx blacklist badrbl 0.5

Cheers,

Seth