From owner-freebsd-chat@FreeBSD.ORG  Sat Mar 21 08:32:53 2009
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Delivered-To: freebsd-chat@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 95F55106566C
	for <freebsd-chat@freebsd.org>; Sat, 21 Mar 2009 08:32:53 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk
	[IPv6:2001:8b0:151:1::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 168228FC15
	for <freebsd-chat@freebsd.org>; Sat, 21 Mar 2009 08:32:52 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1])
	(authenticated bits=0)
	by smtp.infracaninophile.co.uk (8.14.3/8.14.3) with ESMTP id
	n2L8WcnD041149; Sat, 21 Mar 2009 08:32:39 GMT
	(envelope-from m.seaman@infracaninophile.co.uk)
X-DKIM: Sendmail DKIM Filter v2.8.2 smtp.infracaninophile.co.uk n2L8WcnD041149
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
	d=infracaninophile.co.uk; s=200708; t=1237624360;
	bh=UPuxZ3J8uTdyd0iylzdxhFTmN1ARuIYJSrCDJGGLVGU=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:References:
	In-Reply-To:Content-Type:Cc:Content-Type:Date:From:In-Reply-To:
	Message-ID:Mime-Version:References:To;
	z=Message-ID:=20<49C4A61D.1050102@infracaninophile.co.uk>|Date:=20S
	at,=2021=20Mar=202009=2008:32:29=20+0000|From:=20Matthew=20Seaman=
	20<m.seaman@infracaninophile.co.uk>|Organization:=20Infracaninophi
	le|User-Agent:=20Thunderbird=202.0.0.19=20(X11/20090218)|MIME-Vers
	ion:=201.0|To:=20freebsd-chat@freebsd.org,=20kdk@daleco.biz|Subjec
	t:=20Re:=20spamassassin=20helps=20lots,=20but=20I'm=20tired=20of=2
	0sorting=20the=09backscatter=0D=0A=20=3B=20-)|References:=20<20090
	3202240.n2KMe1Re007705@lurza.secnetix.de>|In-Reply-To:=20<20090320
	2240.n2KMe1Re007705@lurza.secnetix.de>|X-Enigmail-Version:=200.95.
	6|Content-Type:=20multipart/signed=3B=20micalg=3Dpgp-sha256=3B=0D=
	0A=20protocol=3D"application/pgp-signature"=3B=0D=0A=20boundary=3D
	"------------enigCEFEBFA459F523D2199704F4";
	b=JbYyyzEFq7rVRtoG5LNo8lOFeuOHcD4iKAS96a9RWvO1khezIoIWgXmcHwRu/V9iW
	1ysXmHILU6ejqfiCXOlheWQ70YWpVUuB2+gak+vmtNtZ5WmcVl6Rc3vSPGTsZa2AJT
	CYQjMI9PcStP3Rx2PhorPnxcLOakucTARErMV3Lk=
X-Authentication-Warning: happy-idiot-talk.infracaninophile.co.uk: Host
	localhost [IPv6:::1] claimed to be
	happy-idiot-talk.infracaninophile.co.uk
Message-ID: <49C4A61D.1050102@infracaninophile.co.uk>
Date: Sat, 21 Mar 2009 08:32:29 +0000
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Organization: Infracaninophile
User-Agent: Thunderbird 2.0.0.19 (X11/20090218)
MIME-Version: 1.0
To: freebsd-chat@freebsd.org, kdk@daleco.biz
References: <200903202240.n2KMe1Re007705@lurza.secnetix.de>
In-Reply-To: <200903202240.n2KMe1Re007705@lurza.secnetix.de>
X-Enigmail-Version: 0.95.6
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enigCEFEBFA459F523D2199704F4"
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1
	(smtp.infracaninophile.co.uk [IPv6:::1]);
	Sat, 21 Mar 2009 08:32:40 +0000 (GMT)
X-Virus-Scanned: ClamAV 0.94.2/9147/Sat Mar 21 07:15:16 2009 on
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.5
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
	happy-idiot-talk.infracaninophile.co.uk
Cc: 
Subject: Re: spamassassin helps lots,
 but I'm tired of sorting the	backscatter ; -)
X-BeenThere: freebsd-chat@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Non technical items related to the community
	<freebsd-chat.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-chat>
List-Post: <mailto:freebsd-chat@freebsd.org>
List-Help: <mailto:freebsd-chat-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-chat>,
	<mailto:freebsd-chat-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Mar 2009 08:32:53 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigCEFEBFA459F523D2199704F4
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

Oliver Fromme wrote:
> Kevin Kinsey wrote:
>  > Anybody got a good way to send an automagic Ping'o'death
>  > to a spammer's computer?  Maybe there's a "kick butt"
>  > plugin for AmavisD?
>=20
> Note that, in most cases, it is very difficult to identify
> the real source of the spammer.  The "From" header line
> and the envelope sender address usually do not point to
> the spammer.  Trying to shoot back to those is a very bad
> idea.
>=20
> The only reasonable thing you can do with spam is drop it
> to /dev/null.  If it makes you feel better, you can create
> a symlink /dev/painful_death -> /dev/null and instruct
> your mail filter to drop spam there instead.

Not so.  The best thing you can do about spam is refuse to accept it
during the SMTP dialogue stage.  This has two beneficial effects.

    * It allows you to visibly reject the spam without causing
      backscatter
    * It may well result in bounce-o-grammes being sent to the admins
      of compromised systems. (Not always -- but I've seen a trend
      for some botnet zombies to send outgoing spam via their usual
      mail relays rather than directly)

The second best thing you can do is take your own sweet time over
processing incoming spam messages.  Contrary to all appearances,
there are still more people targeted by spam than there are spam
sources.  Spammers get paid for pumping out millions of messages.
Any simple way there is of slowing down that traffic will lower
their income or raise their marginal costs and it won't take too
much to put at least a few of them out of business.  Tarpitting
or teergrube does that and can tie up a dozen or more spam senders
at a time without killing the performance of your own mail systems.

For the latter task, I can most heartily recommend obspamd (net/spamd
spamd(8) -- not to be confused with the spamd(1) program which is part
of spamassassin.  My only complaint is that it does not understand
IPv6)

	Cheers

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW


--------------enigCEFEBFA459F523D2199704F4
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREIAAYFAknEpiYACgkQ8Mjk52CukIzTRACfc17Rw6Rq9sA3EUGK3kj01wwp
BVIAn0x7I0wXfK3mSo3nxo/+ajgS6Gei
=gt1J
-----END PGP SIGNATURE-----

--------------enigCEFEBFA459F523D2199704F4--