Date:      Sun, 8 Jan 2006 10:43:35 +0000
From:      Ceri Davies <ceri@submonkey.net>
To:        Ted Mittelstaedt <tedm@toybox.placo.com>
Cc:        questions@freebsd.org, Robert Slade <bsd@bathnetworks.com>
Subject:   Re: Spamcop listed - need help to diagnose why
Message-ID:  <9270E4E0-F4E9-4F2E-BCF0-DBF360E16D53@submonkey.net>
In-Reply-To: <LOBBIFDAGNMAMLGJJCKNCEDNFDAA.tedm@toybox.placo.com>
References:  <LOBBIFDAGNMAMLGJJCKNCEDNFDAA.tedm@toybox.placo.com>



On 8 Jan 2006, at 05:03, Ted Mittelstaedt wrote:

>
>
>> -----Original Message-----
>> From: owner-freebsd-questions@freebsd.org
>> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Robert Slade
>> Sent: Friday, January 06, 2006 11:24 PM
>> To: David Banning
>> Cc: questions@freebsd.org
>> Subject: Re: Spamcop listed - need help to diagnose why
>>
>>
>>
>> There is your problem: TMDA is most likely the cause. Such programmes are
>> in effect adding to the spam problem. Nearly all spam has a forged from
>> address and all programmes such as TMDA do is send a challenge to an
>> innocent 3rd party. Whilst it looks like it reduces your spam all you do
>> is in effect spam someone else. When your e-mail address has been used
>> in a spam run by a spammer and you start getting 10s of these challenges
>> an hour it is quite easy to report 1 by accident. If you look at the
>> Spamcop reporting page you will see a warning about just this situation.
>>
>> I suppose that the real answer is to stop compounding the spam problem
>> and use a combination of spamassassin and block lists.
>>
>> BTW I make it a point never to respond to challenges.
>>
>
> Ditto, and for the same reasons.  I've removed David from the cc
> list on this for that reason as well.
>
> Also we need to be aware of another trick that spammers have
> figured out, that applies to anyone running multiple MX records on
> a domain (I don't know if David is in that situation)
>
> Normally if a domain has a single mailserver processing incoming
> mail, there's a single MX record pointing to a single machine.   But
> in many cases it's desirable to relay mail through a prefilter system
> before it gets to the actual mailserver.  In those cases a common
> trick is to block the highest priority MX host off with an access
> list.  Senders try the highest priority, it fails, they then go to
> the next highest priority host which is the relay host.  That host
> gets it, does its thing, then tries to send it to the highest
> priority server which should work since the access list permits that
> server.  This technique has been mentioned in the sendmail book
> among others.

Yes, but that is actually massively rude.  The hosts listed in a
domain's MX record are supposed to be hosts willing to exchange mail
for that domain, so listing ones that are not is just wasting
everyone's time and resources.

If you want to have such a prefilter system, there is no need to list
the end system in the MX records; just use an internal route to do that.

Ceri
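
The MX arrangement discussed in this message, as an added example that is not part of the original e-mail: a self-audit that reads a domain's MX records and reports listed hosts that refuse mail from outside. The zone data, host names and `constructed_probe` are constructed placeholders; the real probe assumes it is run from a network outside the domain's access list.

```python
import socket

# Constructed zone data for illustration (example.com is a placeholder domain).
SAMPLE_ZONE = """\
example.com.  3600 IN MX 10 mail.example.com.    ; end system, blocked by ACL
example.com.  3600 IN MX 20 filter.example.com.  ; prefilter relay
"""

def parse_mx(zone_text):
    """Return [(preference, host)], most-preferred (lowest number) first."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        if "MX" in fields:
            i = fields.index("MX")
            if len(fields) >= i + 3 and fields[i + 1].isdigit():
                host = fields[i + 2].rstrip(".").lower()
                records.append((int(fields[i + 1]), host))
    return sorted(records)

def tcp25_probe(host, timeout=5.0):
    """Real probe: can a sender open a TCP connection to port 25 on host?"""
    try:
        with socket.create_connection((host, 25), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unresolvable
        return False

def audit_mx(zone_text, probe=tcp25_probe):
    """Split the listed MX hosts into those that accept connections and those that do not."""
    accepting, refusing = [], []
    for pref, host in parse_mx(zone_text):
        (accepting if probe(host) else refusing).append((pref, host))
    # True when the most-preferred MX is blocked and a less-preferred one
    # answers, i.e. every sender wastes an attempt before reaching the relay.
    primary_blocked = (bool(refusing) and bool(accepting)
                       and refusing[0][0] < accepting[0][0])
    return {"accepting": accepting, "refusing": refusing,
            "primary_blocked": primary_blocked}

def constructed_probe(host):
    """Stand-in for tcp25_probe so the demo runs offline: only the relay answers."""
    return host == "filter.example.com"

if __name__ == "__main__":
    print(audit_mx(SAMPLE_ZONE, probe=constructed_probe))
```

An empty `refusing` list is the state the reply argues for: only the prefilter is published in MX, and delivery to the end system happens over an internal route.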




