From owner-freebsd-hackers Sun Sep 7 17:16:33 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA20161 for hackers-outgoing; Sun, 7 Sep 1997 17:16:33 -0700 (PDT) Received: from usr08.primenet.com (tlambert@usr08.primenet.com [206.165.6.208]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA20154; Sun, 7 Sep 1997 17:16:32 -0700 (PDT) Received: (from tlambert@localhost) by usr08.primenet.com (8.8.5/8.8.5) id RAA13014; Sun, 7 Sep 1997 17:16:31 -0700 (MST) From: Terry Lambert Message-Id: <199709080016.RAA13014@usr08.primenet.com> Subject: Re: spam and the FreeBSD mailing lists To: jmb@FreeBSD.ORG (Jonathan M. Bresler) Date: Mon, 8 Sep 1997 00:16:30 +0000 (GMT) Cc: ahd@kew.com, jmb@FreeBSD.ORG, hackers@hub.freebsd.org, support@kew.com In-Reply-To: <199709072335.QAA17881@hub.freebsd.org> from "Jonathan M. Bresler" at Sep 7, 97 04:35:42 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-freebsd-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > please remember to distinguish between "mail from:" addresses > and relays. there is *not* reasone that i know of that a > "mail from:" address must be resolvable. > if the "don't get your ACK's ba" they cant establish the TCP > session in order to transfer the mail in the first place. I think the "mail from:" addr needs to be resolvable. 1) mail from: rcpt to: -> accept 2) mail from: rcpt to: -> accept 3) mail from: -> reject 4) mail from: rcpt to: -> accept 5) mail from: rcpt to: -> reject Arguably, locality should be determined by client machine netblock, not name. But rejecting as in case (3) should be done, even if it's from a valid netblock, since it spam being relayed through another host to you. > > there is no sin in requiring public e-mail addresses registered as well. > > > > Note too, that newbies tend to not start with e-mail from their own > > sites, they use their existing connection (Windows connected to an ISP > > POP3 server or whatever) to get up and then migrate. I've handled > > e-mail support for UUPC/extended for ~ 8 years, I've watched the pattern > > for that long -- my help desk is now reading this over my shoulder, and > > her comment is "Yup -- and that any list which is spammed is less > > helpful". > > you may well be correct about this...i am still learning the > email game even though i have been postmaster for over two years. > things keep changing and there is always more to learn > i may change the check_relay ruleset to require DNS resolution. ;) I typically don't. The reason for this is that it is just as easy for a spammer to reverse lookup an IP address to a valid name. If you are talking about forward DNS resoloution, then validating the domain according to the applicable RFC's will kill most of them anyway (leading numerics, etc.). I can always lie and say: mail from: anyway. That'll resolve just fine, and it's still spam. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.