At 11:59 2005-01-25 +0100, Michelle Konzack wrote:
Am 2005-01-24 17:26:24, schrieb Professional Software Engineering:
> If you're looking for something for mail admins to be hostile about, you
> should check out what Verizon has decided to do (blocking mail from
> European sources, AND performing SMTP callbacks).
Realy interesting... because more then 90% of the SPAM
comming from IP's inside the USA !
I avoid a LOT of spam by blocking a handful of asia-pacific netblocks
(China prominently among them) via a private DNSBL I produced a few yeara
ago. I don't often sit down and analyse the sources on the rejected mail
because what I've seen says it's working just fine, but I definatley have a
LOT less spew to deal with in procmail since I did that. I've been doing
it since long before the "nerd.dk" country-identifying DNSBL (not a spam
source dnsbl, just identifies which country an IP is supposed to be in) was
produced, but that's a readily available public DNSBL that can be used to
achieve the same result.
So, while the 90% figure may be true, it doesn't seem to be in my own
first-hand experience.
I've read some correspondance about the stupidity of the Verizon action,
which goes well beyond the added burden on the mail system and the
stupidity of blocking mail from countries which aren't responsible for
sending spam. It includes how Verizon's callback (they basically start a
new email transaction to your inbound mail server using RCPT and then
abruptly terminate it without following the SMTP protocol) can be used by
spammers to validate addresses indirectly. The spammer merely needs to
forge messages from you and send them to a verizon mail server, who will
validate the address via the callback, which circumvents any blocks you may
have in place on the spammer themselves. If the spammer's message is
rejected, the address at your domain they're using would appear to be
invalid, and if it's accepted, then they know it's valid *AND* they've just
sent a forged message from you to boot (unless they terminate before
sending the body).
Argh - not only to they block euro mail, stuff up mail server queues with
delays, produce unwanted and patently BROKEN email conversations, but they
also act as a proxy for spammers. Sweet, ain't it?
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail