From owner-freebsd-stable@FreeBSD.ORG Thu Jan 25 10:29:02 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C77D216A401 for ; Thu, 25 Jan 2007 10:29:02 +0000 (UTC) (envelope-from joao@matik.com.br) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.freebsd.org (Postfix) with ESMTP id 2D2A713C45B for ; Thu, 25 Jan 2007 10:29:01 +0000 (UTC) (envelope-from joao@matik.com.br) Received: from ap-h.matik.com.br (ap-h.matik.com.br [200.152.83.36]) by msrv.matik.com.br (8.13.8/8.13.1) with ESMTP id l0PASJ6d020354; Thu, 25 Jan 2007 08:28:20 -0200 (BRST) (envelope-from joao@matik.com.br) From: JoaoBR Organization: Infomatik To: freebsd-stable@freebsd.org Date: Thu, 25 Jan 2007 08:28:50 -0300 User-Agent: KMail/1.9.4 References: <8a20e5000701240903q35b89e14k1ab977df62411784@mail.gmail.com> <87ps93poqg.fsf@thingy.datadok.no> In-Reply-To: <87ps93poqg.fsf@thingy.datadok.no> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200701250828.50540.joao@matik.com.br> X-Virus-Scanned: ClamAV version 0.88.4, clamav-milter version 0.88.4 on msrv.matik.com.br X-Virus-Status: Clean Cc: "Peter N. M. Hansteen" Subject: Re: Loosing spam fight X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Jan 2007 10:29:02 -0000 On Thursday 25 January 2007 04:08, Peter N. M. Hansteen wrote: > For purposes of making the subject less true, setting up greylisting > with an optional tarpit for known baddies can be very effective. See > Dan Langille's recent Onlamp article[1] or for that matter my tutorial[2] > for how this is done using PF and spamd - this way it doesn't matter much > which MTA(s) you use. > > [1] http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html > [2] http://home.nuug.no/~peter/pf/en/, with the specifics of spamd and > greylisting starting at http://home.nuug.no/~peter/pf/en/spamd.html all this methods are certainly useless, stay calm ok the only way to block spam really is blocking any incoming tcp:25 ... any firewall based method you may use do block innocents as well, ike some = do=20 they block entire IP ranges from countries because most spam comes from the= m,=20 that is stupid, more brainless since the spam mostly is not generated by an= y=20 of this servers, it only goes through it, this method might cause *you* not= =20 getting this spam but does not stop spam at all ... probably better, if you like firewall blocks, cutting the complete US IP=20 address space from sending to any tcp:25 to stop spam definitly, because I= =20 never heard of chinese or african viagra hahahaha spam block list abviously are very usefull so long as they are maintained IMO a good way and probably the best way is to do some inicial checks like= =20 connection rate and limit them, then a spam checker like spamassassin for=20 regex and header checks still you get SPAM and you never can block spam 100%, spammers change serve= rs,=20 IPs, patterns faster then we can react, but we all know this right?=20 and even then if you get it all into your box you still get spam by whom se= nds=20 it out without caring of identity or hiding it, a correct email msg but spam where spam needs to be catched is at the origin, ISPs should take care of t= his=20 problem by not permitting access to outside servers but only passing throug= h=20 their smtp gateways, an outgoing spam check is what needs to be done but =20 here nobody cares ... =2D-=20 Jo=E3o A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br