I'm also somewhat concerned (call me a security nut if you must :-) ) that someone will maliciously forge email from my address (spam does this all the time - it's insanely easy to do) and send it to the laconica updater address (they would have to find out my post-to email address, but I bet it's not that hard). If the server checks SPF and DKIM, then for some people who use servers that send email using DKIM and/or support SPF, these malicious messages would be silently dropped.
So SPF/DKIM seems like a win/win: drop bad email so you don't have to process it, and ensure that "valid" email really is valid, eliminating another attack vector. As long as the server conforms to the specs, there is no compatibility problem with SPF or DKIM. As you said, the big players (Yahoo! Mail, Hotmail, and GMail) have been using these 3 technologies for at least a couple of years for incoming and outgoing mail.

~Craig

> Anything that saves hits to maildaemon.php is a win, but spam won't
> hit it if you drop unknown recipient mail at smtp time.
>
> Basically, never accept all mail for a domain.
>
> Also, lots of spam is DK signed, so you still need SA at smtp time,
> whether you do expensive DK lookups or not.
>
> Concerted spamming on a laconica server that is open to wildcarding is
> going to bring it down.
>
> With 550 response to unknown users, it's dealt with quickly and cheaply.
>
> In my experience, DK for outgoing is good for delivery to
> hotmail/yahoo/gmail but the gateways seem to be pretty lenient at the
> moment. Anyone had delivery trouble?
>
> Stef
>
> On Mon, Jun 29, 2009 at 9:56 PM, Craig Andrews<[email protected]>
> wrote:
>> Another improvement would be to implement DKIM and SPF checking in the MTA
>> (postfix usually) that runs the domain. This instantly drops off a decent
>> amount of spam, and would save hits to maildaemon.php.
>>
>> To be fully effective, the domain should use DKIM for outgoing mail, and
>> have SPF configured.
>>
>> http://laconi.ca/trac/ticket/488
>> http://laconi.ca/trac/ticket/487
>> http://laconi.ca/trac/ticket/490
>> http://laconi.ca/trac/ticket/489
>>
>> ~Craig
>>
>>> Hi all, just posted this to trac, but thought I would send to the
>>> list, apologies if it has already been addressed or implemented.
>>>
>>> I did see
>>> http://mail.laconi.ca/pipermail/laconica-dev/2009-March/001046.html
>>> but it seems to me that relying on the checks in maildaemon.php,
>>> rather than dropping invalid recipient mail on the floor first, is
>>> unnecessarily expensive. I understand that the idea is simply to
>>> validate posts, but from a system usage and architecture viewpoint,
>>> this should get done only after the MTA handles the email correctly.
>>>
>>> Accepting all email for a domain has to be seen as something that will
>>> affect availability, performance and security. Wildcarding all mail
>>> for a domain and running it through a script will create performance
>>> and availability issues, and will expose the system to attack. I think
>>> the maildaemon.php script works well, but every mail sent to a
>>> laconica server hits it with the commonly found *|maildaemon.php
>>> /etc/aliases setup.
>>>
>>> MTAs like postfix have very robust solutions to this if allowed to
>>> work the way they are supposed to, by checking if we want to accept
>>> mail for a recipient address, i.e. the made up email address.
>>>
>>> Even with an average amount of spam, let alone an attack, performance
>>> has to be affected.
>>>
>>> I have a draft howto http://pbj.ca/postfix.html that properly rejects
>>> invalid mails before they hit maildaemon.php, using postfix.
>>>
>>> Example output from mail on my laconica instance:
>>>
>>> $ telnet localhost 25
>>> Trying 127.0.0.1...
>>> Connected to localhost.shellfusion.net.
>>> Escape character is '^]'.
>>> 220 aurora.nearsourceit.com ESMTP Postfix
>>> helo localhost
>>> 250 aurora.nearsourceit.com
>>> mail from: [email protected]
>>> 250 2.1.0 Ok
>>> rcpt to: [email protected]
>>> 250 2.1.5 Ok
>>> data
>>> 354 End data with <CR><LF>.<CR><LF>
>>> telnet post ;)
>>> .
>>> 250 2.0.0 Ok: queued as 2420613C41A
>>> quit
>>> 221 2.0.0 Bye
>>> Connection closed by foreign host.
>>> $ telnet localhost 25
>>> Trying 127.0.0.1...
>>> Connected to localhost.shellfusion.net.
>>> Escape character is '^]'.
>>> 220 aurora.nearsourceit.com ESMTP Postfix
>>> mail from: [email protected]
>>> 250 2.1.0 Ok
>>> rcpt to: [email protected]
>>> 550 5.1.1 <[email protected]>: Recipient address rejected: User
>>> unknown in virtual mailbox table
>>>
>>> I advise everyone to implement proper recipient checking using the
>>> incomingemail data in their database with an MTA; maildaemon.php is
>>> not a substitute for recipient checking.
>>>
>>> Regards,
>>>
>>> Stef
>>>
>>> Stefan Caunter
>>> _______________________________________________
>>> Laconica-dev mailing list
>>> [email protected]
>>> http://mail.laconi.ca/mailman/listinfo/laconica-dev
>>>
>>
>>
>>
>
_______________________________________________
Laconica-dev mailing list
[email protected]
http://mail.laconi.ca/mailman/listinfo/laconica-dev
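
The recipient check recommended in the quoted message, as an added example that is not part of the original thread or of Laconica: it turns the incomingemail values into the source text of a Postfix lookup table, so unknown recipients get a 550 at RCPT time instead of reaching maildaemon.php. The domain `example.org`, the function names and the sample rows are assumptions made for illustration; the caller is assumed to have already selected the incomingemail values from the database.

```python
import re

MAIL_DOMAIN = "example.org"  # placeholder post-by-email domain (assumption)

# Local part limited to characters that cannot break a "key value" map line.
_LOCAL_RE = re.compile(r"[a-z0-9][a-z0-9._+-]{0,63}")

# Constructed sample of incomingemail column values, including bad rows.
SAMPLE_ROWS = [
    "a1b2c3d4@example.org",
    "A1B2C3D4@Example.org",                   # same address, different case
    "f00dcafe@example.org",
    None,                                     # user without an incoming address
    "q7r8@other.example",                     # wrong domain
    "x9y8@example.org\nroot@example.org OK",  # would add a second map entry
]


def normalize(address, domain=MAIL_DOMAIN):
    """Return the lower-cased address if well formed and in `domain`, else None."""
    if not isinstance(address, str):
        return None
    local, sep, host = address.strip().lower().rpartition("@")
    if not sep or host != domain or not _LOCAL_RE.fullmatch(local):
        return None
    return f"{local}@{host}"


def build_recipient_map(addresses, domain=MAIL_DOMAIN):
    """Return (map_text, rejected_rows); map_text has one 'address OK' line each.

    Assumption: mail is handed to a pipe transport, so only the key's
    existence matters at RCPT time and 'OK' is a placeholder value.
    """
    keep, rejected = set(), []
    for raw in addresses:
        addr = normalize(raw, domain)
        if addr is None:
            rejected.append(raw)
        else:
            keep.add(addr)
    return "".join(f"{a} OK\n" for a in sorted(keep)), rejected


def rcpt_reply(map_text, rcpt):
    """Model the RCPT TO decision the MTA makes against the table."""
    known = {line.split()[0] for line in map_text.splitlines() if line.strip()}
    if rcpt.strip().lower() in known:
        return "250 2.1.5 Ok"
    return f"550 5.1.1 <{rcpt}>: Recipient address rejected: User unknown"
```

Write the returned text to a file, compile it with `postmap`, and regenerate it whenever a user changes their incoming address.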
