spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Bounce-Spam and SPF-Ignorant ISPs - it is time to retaliate?

2006-02-06 09:56:08
from [Stuart D. Gathman] [Permanent Link] 
On Mon, 6 Feb 2006, Constantine A. Murenin wrote:


On 27/11/05, Scott Kitterman <spf2(_at_)kitterman(_dot_)com> wrote:

Spamcop will take reports on bounces.


It seems that one of my personal domains is now used as the FROM
domain to send advertisements of Building and Construction Licence
services in Spb., Rus. Fed.

Most of those messages originate from IPs and domains that I REJECT in
my /etc/mail/access, so I am very disappointed that now, because of
the carelessly configured so-called legitimate servers, I have to see
all of those messages unfairly bounce to me.

I've looked at http://www.spamcop.net/fom-serve/cache/125.html
(referred as "what to report and what not to report to SpamCop"), and
it does not seem to address spam bounces... Where do I report these
bounces? Justice must happen!


"Nice" strategies:

1) Implement SRS or other MFROM signing scheme on your MTA.

2) Reject bounces that are not signed.

"Aggressive" strategies:

3) Reject illegitimate "bounces" that use "mailer-daemon",
"postmaster", or other lame substitute for <> (i.e. reject when
MFROM is "mailer-daemon(_at_)somedomain" and RCPT TO is unsigned).

4) While rejecting illegitimate bounces, also send a (proper) DSN
to abuse(_at_)hellodomain and/or postmaster(_at_)hellodomain complaining about
their braindead configuration.

5) While rejecting otherwise legitimate bounces which should have been
rejected via -all, send a message (since you shouldn't DSN a DSN) to
postmaster(_at_)hellodomain asking them to check SPF.  Do not send the message 
for
every bounce, but rate limit to 1/week.

6) When the bounce is a message the says "this message could not be
delivered because it got SPF FAIL" (or similar jaw dropping "unclear
on the concept" stupidity), send a DSN to abuse(_at_)hellodomain and
postmaster(_at_)hellodomain explaining the concept of SPF.

Should the SPF RFC say anything about not bouncing email that gets
SPF fail?  Those bounces are likely due to software that 
tries to check SPF using "Received" headers at a machine that is
not actually the gateway.  The only thing such a result is good for
is input to a spam scoring system.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] SPF Council requests additional information from SPF Community on if IAB appeal is appropriate, Jeff Macdonald
Next by Date:  Re: [spf-discuss] SPF Council requests additional information from SPF Community on if IAB appeal is appropriate, Stuart D. Gathman
Previous by Thread:  Re: [spf-discuss] Bounce-Spam and SPF-Ignorant ISPs - it is time to retaliate?, Constantine A. Murenin
Next by Thread:  [spf-discuss] Re: Bounce-Spam and SPF-Ignorant ISPs - it is time to retaliate?, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]