Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 9 Jan 2015 20:08:04 -0600 (CST)
From:      "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
To:        "Adam Vande More" <amvandemore@gmail.com>
Cc:        Erich Dollansky <erichsfreebsdlist@alogt.com>, FreeBSD Questions <freebsd-questions@freebsd.org>, galtsev@kicp.uchicago.edu
Subject:   Re: ?????Pls remove me I have been hacked!!!
Message-ID:  <35576.166.175.62.212.1420855684.squirrel@cosmo.uchicago.edu>
In-Reply-To: <CA+tpaK2a7C4tQSPcHAziFCfMj2NHH8jP0MefdcEaWLGyL6Ua6w@mail.gmail.com>
References:  <20150108231912.C874F48940C@agent02.agent.vmail.yz.sinanode.com> <54AF13F6.5070105@kicp.uchicago.edu> <20150109092132.2f7f131e@X220.alogt.com> <20713.128.135.70.2.1420774393.squirrel@cosmo.uchicago.edu> <CA+tpaK2a7C4tQSPcHAziFCfMj2NHH8jP0MefdcEaWLGyL6Ua6w@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Fri, January 9, 2015 7:08 pm, Adam Vande More wrote:
> On Thu, Jan 8, 2015 at 9:33 PM, Valeri Galtsev <galtsev@kicp.uchicago.edu>
> wrote:
>
>>
>> On Thu, January 8, 2015 7:21 pm, Erich Dollansky wrote:
>> > Hi,
>> >
>> > On Thu, 08 Jan 2015 17:34:14 -0600
>> > Valeri Galtsev <galtsev@kicp.uchicago.edu> wrote:
>> >
>> >> Is that only me or others noticed too that every first message of new
>> >> thread on this list if followed by junk like this. This apparently
>> >> was delivered from domain
>> >>
>> > this is an old thing. It comes and goes.
>> >
>> >> sina.com.cn
>> >>
>> >> Would that be reasonable to reject all mail of that origin on the MX
>> >> level?
>> >>
>> > It is not that easy. The sender addresses change very often.
>> >
>>
>> That is what I assumed from the very beginning. With these things on my
>> servers I usually do this: I find out which domain sender's MX serves.
>> Then I send complaint to
>>
>> abuse@that.domain.com
>>
>> No one usually gets back to me (at least from that geoip location no one
>> ever did). Then I send similar complaint appended with note that abise@
>> never came back to me to postmaster@that.domain.com. After that I set my
>> MX to reject mail with message that that domain didn't respond abuse
>> complaint. [Did I miss something decent sysadmin should do in the case?]
>>
>
> Email is intrinsically open and spoof-able.

Sorry, I was not clear enough. I complain to domain of the box that passed
the message to my server. And this record is made by my server, hence can
not be spoofed. The same is true about domain delivered the message in
question to mail list server whose portion in the header I can trust. You
should give people some credit, not everyone is a moron...

valeri

Spending time on it further
> than marking it spam is almost universally a waste of time.  Get a better
> spam filter is the answer.  In other words:
>
> https://craphound.com/spamsolutions.txt
>
> --
> Adam
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?35576.166.175.62.212.1420855684.squirrel>