I found in this forum the registry setting to allow a connection to drop if it is found in a DNS Blacklist.
My suggestion is to please enable this function through the user interface.
I have found than most any change I make in the user interface, in SMTP connector, causes the registry setting to revert back to 1 or the normal mode of operation.
This feature is very handy and really should be made "official" or externalized.
Thanks much...Dale...
Drop connection when IP is in DNS Blacklist - make official
-
BrandywineITS
- Posts: 19
- Joined: Sat Jul 02, 2005 12:32 am
Another added to feature to this same functionality would be the ability to Auto-Ban and IP address found on a DNS balcklist after so many attempts to send.
I am seeing alot of spammers that connect as such;
ME-I0101 (Pass all previous tests, and good "TO" address)
ME-E0113 (Found in DNS Block List)
ME-I0070 (Graceful Close by remote client)
Then the remote client repeats the process.
I believe after 3 or 4 of these cycles it is pretty apparent that they are attempting a brute force entry and should be able to be banned outright.
Just my two cents worth.
I am seeing alot of spammers that connect as such;
ME-I0101 (Pass all previous tests, and good "TO" address)
ME-E0113 (Found in DNS Block List)
ME-I0070 (Graceful Close by remote client)
Then the remote client repeats the process.
I believe after 3 or 4 of these cycles it is pretty apparent that they are attempting a brute force entry and should be able to be banned outright.
Just my two cents worth.
