> On Fri, Feb 06, 2009 at 10:42:39AM +0100, Chris Thompson wrote:
> > I run two mail and web servers from my house on a DSL line. Until a few
> > weeks ago I was on cable but a new ISP launched some good SME offers and I
> > decided to make the switch.
> And I drop all connections to port 25 from IP addresses, that have a
> reverse DNS entry like dsl.foo.bar, dynamic.foo.bar, dhcp.foo.bar.
> There is a 99.999% chance, that a botnet is talking to you.
Which is totally wrong. A lot of legitimate SMTP servers are on such IP
addresses.
A lot of (so called) admins today don't understand Robustness Principle
(rephrased):
Be liberal in what you accept, and conservative in what you send
--
Kind regards, Milan
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment