Re: subscribe to blacklist for domains
On 14/08/2022 23:15, David Bürgin wrote: To clarify: Backscatter is caused by 'rejecting' mail with a bounce message, after first accepting it. This is what was being suggested by some, I think everyone here knows what backscatter means, and what it is. -- Regards, Noel Butler This Email, including attachments, may contain legally privileged information, therefore at all times remains confidential and subject to copyright protected under international law. You may not disseminate this message without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message.
Re: subscribe to blacklist for domains
On 14/08/2022 22:37, Martin Gregorie wrote: On Sun, 2022-08-14 at 11:39 +1000, Noel Butler wrote: On 14/08/2022 02:38, Martin Gregorie wrote: 3) It would be rather trivial to return spam to sender with a suitable WTF, that has been a terrible idea since the 90s, given most spam is spoofed, the end result of this will be your mail server getting the poor reputation as source of backscatter and going into blacklists :) greed - I don't do that, but almost as long as I've been on this list there have been advocates of it. As I said, I thought about it, but the effort of writing a filter to determine what, if anything should be bounced or rejected, has never seemed worth the effort for such a low volume mail used as myself. Martin When people advocate for it, it goes to show the only thing they have ever been responsible for is their own home mail server with accounts for them and maybe a friend or two on it, never for anything commercial, you've been around a great many years Martin, so I'm glad you resist the temptation of the fools. -- Regards, Noel Butler This Email, including attachments, may contain legally privileged information, therefore at all times remains confidential and subject to copyright protected under international law. You may not disseminate this message without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message.
Re: subscribe to blacklist for domains
On 8/14/2022 2:55 PM, John Hardin wrote: On Sat, 13 Aug 2022, joe a wrote: Why waste your own system resources to help a scoundrel? Drop them and be done. I personally perfer to TCP tarpit repeat offenders. +1 -- Jared Hall
Re: subscribe to blacklist for domains
On Sat, 13 Aug 2022, joe a wrote: Why waste your own system resources to help a scoundrel? Drop them and be done. I personally perfer to TCP tarpit repeat offenders. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.org pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Human beings are born with different capacities. If they are free, they are not equal. And if they are equal, they are not free.-- Aleksandr Solzhenitsyn --- Tomorrow: the 77th anniversary of the end of World War II
Re: subscribe to blacklist for domains
> WTF, that has been a terrible idea since the 90s, given most spam is > spoofed, the end result of this will be your mail server getting the > poor reputation as source of backscatter and going into blacklists :) If you reject, you should reject on their SMTP connection. If you return a DSN later, there's a high chance you are causing back-scatter spam to the wrong place. When you reject on the initial connection, if the spammer is abusing someone else's infrastructure, you may cause errors to go back to the owner of that infrastructure which will clue them into a problem they need to clean up. Not always though. Some ESPs track DSNs they get back and remove those addresses from future mailouts. If the spammer reuses that ESP, your address may not be used again with that account. This is really more useful for fringe spam like things you didn't realize you signed up for or things that weren't meant for you. On the other hand, some ESPs let you report the account as spam, but to do that you'd have had to received the message first to click on some link in it. Mailchimp for example lets you click a box to be removed and tell them you consider it spam and if they get sufficient complaints, the account is blocked. In short, I don't think it's bad to reject spam. Care needs to be taken blanket blocking mail from ESPs though. signature.asc Description: PGP signature
Re: subscribe to blacklist for domains
Martin Gregorie: > On Sun, 2022-08-14 at 11:39 +1000, Noel Butler wrote: > > On 14/08/2022 02:38, Martin Gregorie wrote: > > > > > 3) It would be rather trivial to return spam to sender with a > > > suitable > > > > WTF, that has been a terrible idea since the 90s, given most spam is > > spoofed, the end result of this will be your mail server getting the > > poor reputation as source of backscatter and going into blacklists :) > > > greed - I don't do that, but almost as long as I've been on this list > there have been advocates of it. As I said, I thought about it, but the > effort of writing a filter to determine what, if anything should be > bounced or rejected, has never seemed worth the effort for such a low > volume mail used as myself. To clarify: Backscatter is caused by ‘rejecting’ mail with a bounce message, after first accepting it. Backscatter is not caused by rejecting mail directly during the SMTP conversation. The Wikipedia page explains this really quite well: https://en.wikipedia.org/wiki/Backscatter_%28email%29 Depending on one’s goals it may be useful to reject spam, at least obvious spam, early, eg using a milter.
Re: subscribe to blacklist for domains
On Sun, 2022-08-14 at 11:39 +1000, Noel Butler wrote: > On 14/08/2022 02:38, Martin Gregorie wrote: > > > 3) It would be rather trivial to return spam to sender with a > > suitable > > WTF, that has been a terrible idea since the 90s, given most spam is > spoofed, the end result of this will be your mail server getting the > poor reputation as source of backscatter and going into blacklists :) > greed - I don't do that, but almost as long as I've been on this list there have been advocates of it. As I said, I thought about it, but the effort of writing a filter to determine what, if anything should be bounced or rejected, has never seemed worth the effort for such a low volume mail used as myself. Martin