Please confirm your message - Re: [Wylug-discuss] server based /home

James Holden (WYLUG) wylug at jamesholden.net
Tue Mar 16 09:50:44 GMT 2004


gARetH baBB wrote:
[...]

 > viz. when abuse at blueyonder started doing a similar thing - "email doesn't
 > work, only use this dodgy web form" - they just started getting blocked by
 > loads of people as basically being an abuse sink.

Which is exactly what I'm *not* doing, cos it's dumb.

 > You're not doing exactly the same thing, but something damn close - people
 > use email because it's email and they don't have to prat about, and
 > needing to go through any further stage is just going to get people to
 > tell you to fuck off.

I agree it's not perfect, but do you want to talk to me or not?

 > And as soon as you start sending stuff out in response to bogus addresses
 > derived from spam runs, people will just either block you or complain to
 > ntl.

Really? So when somebody's address gets used as a spam return address,
they complain to other people's ISPs because of the bounces? They would
still get a bounce message even if the mail was rejected by my server.
At least *this* bounce message serves a useful purpose.

 >>Well I happen to not like getting around 500 (mostly pornographic or
 >>fraudulent) spams per day to wade through. I think of the filter making
 >>me a bit like being ex-directory.
 >
 >
 > You're doing it wrong then, I don't filter on content nor do I resort to
 > bizarre tactics like you have (I do have blacklists for sender and helo
 > though) and I get at *most* 2 or 3 a day.

Well you're lucky then. Most people have huge problems with spam.

 > Let's look at your primary MX, zion.2dcube.co.uk.
 >
 > (I'm presuming some of these things, because depending on how you config
 > things it's hard to tell without going through a full mail delivery
 > including the DATA part)
 >
 > It's accepted a non-qualified HELO (fish).
 >
 > It's accepted a bogus HELO/EHLO of "jamesholden.net"
 >
 > It's accepted a bogus HELO/EHLO of 80.84.72.131.
 >
 > It's accepted MAIL without any previous valid HELO/EHLO.

None of these will result in any mail actually being accepted. The
delayed reject of the first test you did is in order to do further checks.

 > It's not doing sender verify callouts.

Granted, but it's something I mean to look into. Easier on exim than
postfix I believe.

 > That's 80% of spam allowed through which otherwise would have been caught.

70% is about the right figure for mail that never gets further than a
RCPT TO. Of the remaining 30%, SpamAssassin catches about 90% of that,
and TMDA deals with the rest.

 > Looking at www.jamesholden.net you have in the first few lines
 > "james at jamesholden.net" raw, no encoded @ or anything - you deserve all
 > you get ! Stop complaining and eat your spam.

Actually, james at jamesholden.net doesn't get very much at all. I don't
think the spammers harvest from the web much these days. There are much
more efficient methods of getting addresses.

James
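
Added example, not part of the original message or either poster's configuration: a Python sketch of the four HELO/EHLO checks listed in the quoted text, run over a constructed session. It records findings rather than rejecting at once, matching the delayed-reject approach described in the reply. LOCAL_DOMAINS, helo_problem and review_session are hypothetical names, and treating jamesholden.net as the server's own domain is an assumption.

```python
import ipaddress
import re

LOCAL_DOMAINS = {"jamesholden.net"}  # assumption: domains this MX is final for
HOSTNAME = re.compile(
    r"[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+")

def helo_problem(arg):
    """Return why a HELO/EHLO argument looks bogus, or None if acceptable."""
    name = arg.strip().rstrip(".").lower()
    if name.startswith("[") and name.endswith("]"):
        inner = name[1:-1]
        if inner.startswith("ipv6:"):
            inner = inner[5:]
        try:
            ipaddress.ip_address(inner)
            return None  # bracketed address literal is legal SMTP syntax
        except ValueError:
            return "malformed address literal"
    try:
        ipaddress.ip_address(name)
        return "bare IP address, not a bracketed literal"
    except ValueError:
        pass
    if name in LOCAL_DOMAINS:
        return "client claims to be one of our own domains"
    if "." not in name:
        return "non-qualified name"
    if not HOSTNAME.fullmatch(name):
        return "not a syntactically valid hostname"
    return None

def review_session(commands):
    """Collect (command, reason) findings; a server can act on them at RCPT TO."""
    greeted_ok = False
    findings = []
    for line in commands:
        verb, _, rest = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            reason = helo_problem(rest)
            greeted_ok = reason is None
            if reason:
                findings.append((line, reason))
        elif verb == "MAIL" and not greeted_ok:
            findings.append((line, "MAIL without a previous valid HELO/EHLO"))
    return findings

# Constructed client commands using the HELO values quoted in the message.
SAMPLE = ["HELO fish", "MAIL FROM:<a@example.org>", "EHLO jamesholden.net",
          "EHLO 80.84.72.131", "EHLO mail.example.org", "MAIL FROM:<a@example.org>"]
```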




