Marco d'Itri writes ("spam sent to debian.org addresses"): > What's wrong with our mail system? Why can't the debian admins blacklist > a well known spammer, or even better use a reputable DNSBL like SBL?
I too find that the amount of spam I get via Debian systems is quite a problem. Many of our mailinglists are virtually unuseable due to the spam volume. Also, I imagine that our mail administrators must junk all bounced bounces (because they'll have so many of them), so that our mail is not reliable either. There are a wide variety of tools out there than can help a lot. While most of them nowadays don't require uniform policy for the whole mailserver, many do require some support from the sysadmins. For example, dnsbl-based filtering can only sensibly be done when the dnsbl is configured on the incoming mailserver, even if it only adds warning headers for per-user filtering further downstream. As another example, my own antispam software (SAUCE) must be installed on the MX, but can delegate control of policy to each individual recipient user so that each user can choose whether they would like to accept `doubtful' mail, make exceptions for particular correspondents, etc. Also, I note that debian.org has secondary and tertiary MXs ! This is nearly always a bad idea nowadays - it just leads to spammers bypassing your attempts at policy control, to increased bounced bounces, etc. Personally I'd be very happy if the admin team were to install SAUCE on murphy. I'd even be willing to help install and run it. (I know that SAUCE isn't very popular in some quarters, particularly, people who like to do SMTP direct from dynamic ISP pools or who have broken reverse DNS. But surely as a mail recipient I should be able to decide for myself whether I want to receive such mail ? SAUCE would give me that ability, without compromising the ability of other users to choose otherwise.) In any case, using very-low-false-positive dnsbls like the Spamhaus list is an obvious step that ought to be taken straight away. Ian.