I have been getting a number of "failure notices" in my mail queue and my amateur sleuthing via DNS report found this particular spammer has two NS servers as well as a bank of mail servers. My thought was to blacklist the NS IPs, however, that did not work. My next step is to blacklist their mail server IPs but there are a number of them so what would be nice is to just blacklist the entire block that corresponds to their mail server IPs (208.76.251.38 thru 208.76.251.50). I see that blocking a range of IPs was requested for ASL 2.0 but I could not find any reference so I just added 208.76.251 to my ASL blacklist hoping it will take care of the range.
So I guess my first question is am I thinking about this correctly? and secondly is their a better way?
Thanks much
An annoying spammer - can I block their IPs in ASL
Gents:
Thanks for the reply. However, I have read this forum extensively for similar issues and employed all of the recommendations (at least the simple ones) to prevent failure notices stuck in the queue. Of course I have set Plesk to reject all non-existent email. I am also using qmail-scanner and ART spamassassin. The IP addresses for this particular spammer are not listed in the spamhaus RBL.
One thing that I did notice in the email header is that the spam gets an SPF Pass which baffles me. I have checked my spf record several times and it seems ok, but maybe not.
Thanks again
Thanks for the reply. However, I have read this forum extensively for similar issues and employed all of the recommendations (at least the simple ones) to prevent failure notices stuck in the queue. Of course I have set Plesk to reject all non-existent email. I am also using qmail-scanner and ART spamassassin. The IP addresses for this particular spammer are not listed in the spamhaus RBL.
One thing that I did notice in the email header is that the spam gets an SPF Pass which baffles me. I have checked my spf record several times and it seems ok, but maybe not.
Thanks again