From owner-freebsd-stable@FreeBSD.ORG Wed Sep 24 21:05:40 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2996E16A4BF for ; Wed, 24 Sep 2003 21:05:40 -0700 (PDT) Received: from ozlabs.org (ozlabs.org [203.10.76.45]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2EAFA43FCB for ; Wed, 24 Sep 2003 21:05:38 -0700 (PDT) (envelope-from grog@lemis.com) Received: from blackwater.lemis.com (blackwater.lemis.com [192.109.197.80]) by ozlabs.org (Postfix) with ESMTP id 71CB02BD64 for ; Thu, 25 Sep 2003 14:05:36 +1000 (EST) Received: by blackwater.lemis.com (Postfix, from userid 1004) id 91E3951836; Thu, 25 Sep 2003 13:36:16 +0930 (CST) Date: Thu, 25 Sep 2003 13:36:16 +0930 From: Greg 'groggy' Lehey To: Kirk Strauser , Drew Derbyshire Message-ID: <20030925040616.GC32280@wantadilla.lemis.com> References: <8765jhg7eo.fsf@strauser.com> <004001c38302$c8589e50$84cba8c0@kendra> <8765jhg7eo.fsf@strauser.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="nmemrqcdn5VTmUEE" Content-Disposition: inline In-Reply-To: <004001c38302$c8589e50$84cba8c0@kendra> <8765jhg7eo.fsf@strauser.com> User-Agent: Mutt/1.4i Organization: The FreeBSD Project Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.FreeBSD.org/ X-PGP-Fingerprint: 9A1B 8202 BCCE B846 F92F 09AC 22E6 F290 507A 4223 cc: freebsd-stable@freebsd.org Subject: Mail blocking (was: I've had enough. I'm starting a DNS blackhole list.) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2003 04:05:40 -0000 --nmemrqcdn5VTmUEE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wednesday, 24 September 2003 at 17:15:27 -0500, Kirk Strauser wrote: > Yep, I really am. From now on, any system that relays a virus-laden email > to my system is going into a DNS blackhole list serving all of the systems I > administer. In a fit of "had it up to here"-ness, I've written the > following programs today: > > ... On Wednesday, 24 September 2003 at 21:17:26 -0400, Drew Derbyshire wrote: >> [missing context] > > Seems like a lot of work with way too much room for false positives. > > Why aren't you running a content filter on executable attachments so they > get bounced and you never see them? One reason would be that the traffic is expensive. I'm on a 2 GB/month plan, after which I pay significantly higher charges. I'm currently getting 50 to 60 MB a day just of this mail crap. Yes, it all gets dropped (just dropping .exe attachments does it), but that doesn't stop the traffic. Greg -- See complete headers for address and phone numbers --nmemrqcdn5VTmUEE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (FreeBSD) iD8DBQE/cmm4IubykFB6QiMRAiz/AJ4p87dYQWfyjGZLk64x3M8BaTNxQACfRg68 L3OOxUIvqCgQYVJ5oo8zXmg= =J3du -----END PGP SIGNATURE----- --nmemrqcdn5VTmUEE--