[SA-exim] devnull relayed spam?
Rick Moen
rick at linuxmafia.com
Wed Nov 10 13:09:43 PST 2004
Quoting Tor Slettnes (tor at slett.net):
> I tend to agree in the case where you are using another host as a
> secondary MX. It is important that you either have control of your own
> MXs, or that the party hosting your secondary MX has (at least) as
> stringent filters as you do.
>
> There are a couple of other cases where there _is_ a need for
> host-based whitelisting:
>
> - If someone on your site subscribe to a mailing list, you'll get
> forwarded spam from that list.
This decade's argument of "Please don't punish my badly administered
mailing-list box's MTA" seems to strongly resemble last decade's
argument of "Please don't punish my badly administered open relay".
I wonder how many people will accept the reasoning, this time?
Personally, I 550-reject or teergrube mailing list spam sources with no
regrets. Some negligent mailadmins scream; I LART them a little harder.
It's a darwinian communication process that makes up in efficiency and
sincerity what it lacks in polish.
> In my case, most spam comes from the Debian list servers, or to my
> <tor at debian.org> account.
Like those negligent mailadmins, for example. À bas qmail! Écrasez
l'infâme![1]
> - If one of your users have a ".forward" setup on another host, you
> will get spam from there.
The other host has an admin who needs cluebatting -- and clearly there's
no good to be derived from accepting his spam.
> In both these cases, you do not want to do SMTP (550) rejects - you'll
> only (a) hurt your friend, who will see freezes in their mail queue, or
> (b) generate collateral spam -- depending on whether the sender address
> is valid or not.
(a) You're _helping_ your friend, by clarifying to him that the other
mailadmin is screwing up in his name, by accepting and trying to deliver
easily avoidable spam addressed to him.
(b) You are not generating that collateral spam: The negligent
mailadmin is. He should not have accepted that mail in the first place,
or, having accepted it, should not have attempted to deliver it. If he
fails to do either of those things and you reject his mail, his turning
your DSN into collateral spam is a third screw-up.
The proper response is not to help conceal and paper over that
third-rater's errors; it's to LART him until he bleeds. Otherwise, how
and when is the problem there going to get fixed?
Again, see last decade's open-relay flamewars for further information;
the arguments were the same.
My opinion; yours for a small fee and disclaimer of reverse-engineering
rights.
[1] I'm kidding. Unconfirmed rumour suggests that even qmail is capable
of competent SMTP-time processing.
--
Cheers, "Plus ça change...."
Rick Moen http://linuxmafia.com/~rick/pictures/1861-versus-2004.jpeg
rick at linuxmafia.com P.S.: http://72.3.131.10/gallery/1/
More information about the SA-Exim
mailing list