Date: Mon, 5 May 2003 12:23:10 -0700 (PDT) From: Matthew Dillon <dillon@apollo.backplane.com> To: <Scheidell@secnap.com> Cc: freebsd-stable@freebsd.org Subject: Re: RE: blackmail attempt? Stable mailing list block? Message-ID: <200305051923.h45JNARn078543@apollo.backplane.com> References: <B3BCAF4246A8A84983A80DAB50FE72420724A2@secnap2.secnap.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm going to put a plug in for the relays.ordb.org DNSBL. It's a
fairly conservative volunteer dnsbl that verifies and blocks open
relays in an automated fashion. I run one of their U.S. nameservers.
I consider DNSBLs only one line of defense. I have a number of
mechanisms in my own mail system which detect suspect connections
through the libmilter interface and track and return 4xx codes for a
period of time to 'delay' (rather then reject) suspect email for a few
hours. I can't really do anything drastic because I run the email and
domains for several dozen people and some of them get all sorts of
weirdly sourced, legitimate international correspondance.
Even so three or four out of the 30-40 spams that attempt delivery to
my personal email address every day get through. I am still hesitating on
implementing the final solution, which would be a mail-back verification
system, but if spam continues to worsten over this year I'll probably
wind up implementing it.
There are plenty of things that people can do to mitigate spam. For one
thing, never publish your email address in user@domain form on your web
pages. Instead publish it as 'user at domain' or something like that.
That one change will probably get rid of a significant percentage of the
spam you get. I've started doing it on my web pages and I'll probably
do it for my email signature as well since those are archived and available
on the web as well.
Another interesting and cool solution, one which I might implement for
myself, is to create 'temporary return addresses' for your email and/or
published web pages which are only valid for a short period of time.
-Matt
Matthew Dillon
<dillon@backplane.com>
:
:We don't use 'monkies.org' because they refuse to take fixed computers out. we send an email to spews and dk10? telling them that they MISSED one of our netblocks and please add it since we didn't want to send any email to anyone stupid enough to use either list. (they added it, which proved my point.. they violated their stated listing policies!)
:
:here is what I use (in postfix)
:we don't do any business out of the us, so screwem.
:...
:
:--
:Michael S. Scheidell, CEO
:SECNAP Network Security www.secnap.com
:scheidell@secnap.net / 1+561.368.9561, 1131
:Sales: 866-SECNAPNET / 866.732.6276
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305051923.h45JNARn078543>