Date: Mon, 8 Sep 1997 00:16:30 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: jmb@FreeBSD.ORG (Jonathan M. Bresler) Cc: ahd@kew.com, jmb@FreeBSD.ORG, hackers@hub.freebsd.org, support@kew.com Subject: Re: spam and the FreeBSD mailing lists Message-ID: <199709080016.RAA13014@usr08.primenet.com> In-Reply-To: <199709072335.QAA17881@hub.freebsd.org> from "Jonathan M. Bresler" at Sep 7, 97 04:35:42 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> please remember to distinguish between "mail from:" addresses > and relays. there is *not* reasone that i know of that a > "mail from:" address must be resolvable. > if the "don't get your ACK's ba" they cant establish the TCP > session in order to transfer the mail in the first place. I think the "mail from:" addr needs to be resolvable. 1) mail from:<local machine> rcpt to:<non-local machine> -> accept 2) mail from:<non-local machine> rcpt to:<local machine> -> accept 3) mail from:<xxx@savetrees.com> -> reject 4) mail from:<non-local machine for which we are an MX> rcpt to:<non-local machine> -> accept 5) mail from:<non-local machine> rcpt to:<non-local machine> -> reject Arguably, locality should be determined by client machine netblock, not name. But rejecting as in case (3) should be done, even if it's from a valid netblock, since it spam being relayed through another host to you. > > there is no sin in requiring public e-mail addresses registered as well. > > > > Note too, that newbies tend to not start with e-mail from their own > > sites, they use their existing connection (Windows connected to an ISP > > POP3 server or whatever) to get up and then migrate. I've handled > > e-mail support for UUPC/extended for ~ 8 years, I've watched the pattern > > for that long -- my help desk is now reading this over my shoulder, and > > her comment is "Yup -- and that any list which is spammed is less > > helpful". > > you may well be correct about this...i am still learning the > email game even though i have been postmaster for over two years. > things keep changing and there is always more to learn > i may change the check_relay ruleset to require DNS resolution. ;) I typically don't. The reason for this is that it is just as easy for a spammer to reverse lookup an IP address to a valid name. If you are talking about forward DNS resoloution, then validating the domain according to the applicable RFC's will kill most of them anyway (leading numerics, etc.). I can always lie and say: mail from:<spammer@freebsd.org> anyway. That'll resolve just fine, and it's still spam. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199709080016.RAA13014>