Date: Wed, 10 Aug 2016 09:07:01 +0200 From: Niklaas Baudet von Gersdorff <stdin@niklaas.eu> To: freebsd-questions@freebsd.org Subject: Re: Need advice for setting up mail server Message-ID: <20160810070701.GB36980@box-hlm-03.niklaas.eu> In-Reply-To: <33245.128.135.52.6.1470667918.squirrel@cosmo.uchicago.edu> References: <VI1PR02MB0974A0FB1361638BDD437043F61A0@VI1PR02MB0974.eurprd02.prod.outlook.com> <2394887a809b4ad8e702d1d13bb1337c@mail.zplay.eu> <20160807180149.GC12411@len-t420.klaas> <44D296EC-FA25-4279-9501-8BB6B2DD86A6@mail.sermon-archive.info> <20160808063138.GA20037@box-hlm-03.niklaas.eu> <33245.128.135.52.6.1470667918.squirrel@cosmo.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--Y7xTucakfITjPcLV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Valeri Galtsev [2016-08-08 09:51 -0500] : > > In /usr/local/etc/spamd/spamd.conf I use two of the example > > lists: > > > > all:\ > > :uatraps:nixspam: > > > > # University of Alberta greytrap hits. > > # Addresses stay in it for 24 hours from time they misbehave. > > uatraps:\ > > :black:\ > > :msg="Your address %A has sent mail to a ualberta.ca spamtrap\n\ > > within the last 24 hours":\ > > :method=http:\ > > :file=www.openbsd.org/spamd/traplist.gz > > > > # Nixspam recent sources list. > > # Mirrored from http://www.heise.de/ix/nixspam > > nixspam:\ > > :black:\ > > :msg="Your address %A is in the nixspam list\n\ > > See http://www.heise.de/ix/nixspam/dnsbl_en/ for details":\ > > :method=http:\ > > :file=www.openbsd.org/spamd/nixspam.gz [...] > quick question here. The alleged spam message was never accepted here, > instead "SMTP error is generated" telling one of the reasons above, right? > In other words, this will not be a source of "backscatter" (to the > contrary to accepting message then sending non-delivery notification to > sender whose address could have been forged). spamd.conf(5) says: Each blacklist must include a message, specified in the msg capability as a string. If the msg string is enclosed in double quotes, the characters in the quoted string are escaped as specified in getcap(3) with the exception that a colon (:) is allowed in the quoted string. The resulting string is used as the mes- sage. Alternatively, if the msg string is not specified in quotes, it is assumed to be a local filename from which the message text may be read. The message is configured in spamd(8) to be displayed in the SMTP dialogue to any connections that match addresses in the blacklist. The sequence \" in the message will produce a double quote in the output. The sequence %% will produce a single % in the output, and the sequence %A will be expanded in the message by spamd(8) to display the connecting IP address in the output. Since the message is "to be displayed in the SMTP dialogue", I also think that backscatter isn't possible. As you said the message won't be accepted. In addition spamd(8) does the following: When a sending host talks to spamd, the reply will be stuttered. That is, the response will be sent back a character at a time, slowly. For blacklisted hosts, the entire dialogue is stuttered. For greylisted hosts, the default is to stutter for the first 10 seconds of dialogue only. So chances are quite high that a blacklisted malicious host will give up at some point (before getting the error) anyway. Niklaas --Y7xTucakfITjPcLV Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXqtKPAAoJEG2fODeJrIU/g6cP+QF5pyucXbCqrR5eIN0s4lw/ KIBtRSae1EMW/dPBvfgIKU/C8IgiTSMvStetdhBdyIGOcuRAmYghxUAqqLKQinRd DOWRDcyM/xzE1YzLlGBrrjHWmdoibf7MTv1VWPsakaQRrbHnYjhooScXoIIdGPCQ cakurX9ncoo2pUKUUe9GFz79vjFk9pRe+pEXa/NmZyGX5rKvPqaFkvHy/TXDCmF4 OTtO86IqwKdAEzYNGMFB/mMD7+R8Wb0HDNV8p1oVLl6tXtPCuVY8ddJDUNq8dkb+ Ft2MmyrgMfFKoDqwMymT0MLRgLkHDeIdy1QDUgt/PWEyMPu5VQjgKQKdQEcjbhiQ q9creNJ43rRL/59cM0g4ATQbWNR0Sy0AjTG/hVHz2aihOmvxaFitm99VLHtSptNC wJAsELq80z8xrlIyrTB8c4JCil9cWsgQoALIhPl93+BgCVIYPKjKgNnuaYzltZDe q1GvBTvwFl6cisSS+YCtLhcclOO5vaqyYyVYGEYJOnfTx4u9BxQSMAFMGmR/tCp3 Yp638M+7xhIVqlYG7ScVLs56joxlu3O8hZGqe5ZUJnPT6zpysnclXm5uS3tPXiPq COPAl3JgUnnvwimh3paxHVWG6v6jgXM+7oDjWO1BegQEDsSea+COQfpvYDlVESOs e64HHAZKypNfOGCYFjtt =cV5Z -----END PGP SIGNATURE----- --Y7xTucakfITjPcLV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160810070701.GB36980>