Sendmail, /etc/mail/access, and spam "best practices"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 27 Apr 2023 00:32:12 UTC
In the hope that a significant number of readers of this message are in charge of email administration, may I ask for guidance on how aggressive you tend to be on using sendmail's /etc/mail/access feature to block email access to substantial portions of address space? I don't want to name any specific entities (corporate or political) as possible targets, but numerous owners of IPv4 /24 blocks, and some /16 blocks and even a few /12 blocks generate an inordinate percentage of the spam messages I have to handle. Right now, I will generally add the specific source of any single spam message to /etc/mail/access, and if I see even only two addresses in the same /24 block, I feel no compunction about blocking the whole /24. Obviously blocking a /16 or a /12 is much more problematic. Thank goodness for abuseat.org, with whose help I daily reject hundreds of messages, and still multiple others still go through. My /etc/mail/access is close to 20,000 entries at this point, though, and it sure is tempting to block some of those /16s, though. -- George