Re: Loosing spam fight
Except that the original mail was talking about greylisting. This won't reject any mail sent from a MTA that correctly implements SMTP. According to the SMTP specs, I am perfectly at liberty to tell you that I can't accept your mail right now, please try again later. =20 But isn't the point of greylisting that it *will* reject spam, because the MTA won't retry. Indeeed I thought that was the basis of why greylisting is a good idea in the fight against spam. Ergo the guy is right you *are* rejecting the email - because you can talk about stndards all you like, but in practice you know that if it's spam then it isn't likely to come back, and hence saying 'try again' actually effectively rejects the message. That's the entire point isn't it ? Of course, most of us *do* want to achive that result - but what the previous poster seem to be trying to say (to me) is that rejecting mail instead of delivering it to a separate 'spam' inbox is wrong, because it is not our place to decide what our users may or may not want to recive and hence we should not discard email for them without giving them a say in the matter. In practical terms, of course, this is what the vast majority of users *do* want us to do - but in purely theoretical ethical terms the guy is actually right! -pete. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Saturday 27 January 2007 02:16, Peter Jeremy wrote: On Fri, 2007-Jan-26 09:24:58 -0200, JoaoBR wrote: like I said, for my understandings firewall implemention for spam fighting is wrong because you reject the message Except that the original mail was talking about greylisting. This won't reject any mail sent from a MTA that correctly implements SMTP. According to the SMTP specs, I am perfectly at liberty to tell you that I can't accept your mail right now, please try again later. greylisting does not necessarily catch incorrectly implemented SMTP but basicly catch any source not seen before with a correct greeting unless it is whitelisted then, spam is not necessarily incorrectly implemented SMTP and can be an absolute correct email message (within SMTP specs) which then btw is rejected so the question is, if this is a correct way to handle it, rejecting I mean also a point to think about, most complains about spam talk about bandwidth consumption, by asking for resend later you certainly increase bandwidth consumption and resources on both sides -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Sat, Jan 27, 2007 at 10:58:46AM -0200, JoaoBR wrote: also a point to think about, most complains about spam talk about bandwidth consumption, by asking for resend later you certainly increase bandwidth consumption and resources on both sides Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgp8WS6mMWg8B.pgp Description: PGP signature
Re: Loosing spam fight
On Saturday 27 January 2007 12:10, you wrote: On Sat, Jan 27, 2007 at 10:58:46AM -0200, JoaoBR wrote: also a point to think about, most complains about spam talk about bandwidth consumption, by asking for resend later you certainly increase bandwidth consumption and resources on both sides Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. you must see both sides, following your theory, spammers stay away but good guys *are* coming back, greylisting is at the end the same only a little bit less stupid than this anti-spam-send-and-ask-a-confirmation-mail things also that spammers don't come back is an illusion, firstable they do it for money and secondable if they don't come back from the same source they come back from another and either one might be spoofed so you can greylisting yourself to death because sooner or later all sources are blacklisted or you're rewriting continuously your whitelists and both are probably unreliable at the end -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Sat, Jan 27, 2007 at 09:32:54AM -0500, Jim Pingle wrote: To defeat this, wouldn't a spammer just have to send out the same spam twice in a row from the same machines, spaced apart by a little time? Yes. But in practice, most spammers don't bother. They don't use a real SMTP server, but custom apps that can be run from zombies to push out as much spam as possible. See http://projects.puremagic.com/greylisting/whitepaper.html Bonus for the spammer: accounts on servers without greylisting would get two copies of the spam. That's not a bonus. Think about it. Sending a message twice will cut the spammer's mail delivery rate at least in half. Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. There is no silver bullit. But currently greylisting seems to stop around 95% of spam, and a lot of e-mail based virusus too. See the link above. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. Since the cure for greylisting involves at least cutting the spam rate in half, I doubt many spammers will adopt it. As for delaying legitimate mail, SMTP is considered an unreliable transport. That is why RFC 821 allows for temporary failures. If you want to contact someone about something that is time-critical, you shouldn't use e-mail anyway. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpkRQSjBitRc.pgp Description: PGP signature
Re: Loosing spam fight
On Saturday 27 January 2007 12:32, Jim Pingle wrote: Roland Smith wrote: Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. ... Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. finally some cares about the users here, that is a really important point, how do you justify that your client get the email he is waiting for an hour later? Probably he looks then for a better service provider ... -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
Roland Smith wrote: Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. This conversation is getting rather OT for -stable, but I felt the need to ask a question: To defeat this, wouldn't a spammer just have to send out the same spam twice in a row from the same machines, spaced apart by a little time? Bonus for the spammer: accounts on servers without greylisting would get two copies of the spam. Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. Jim ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Sat, Jan 27, 2007 at 12:57:08PM -0200, JoaoBR wrote: On Saturday 27 January 2007 12:10, you wrote: On Sat, Jan 27, 2007 at 10:58:46AM -0200, JoaoBR wrote: also a point to think about, most complains about spam talk about bandwidth consumption, by asking for resend later you certainly increase bandwidth consumption and resources on both sides Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. you must see both sides, following your theory, spammers stay away but good guys *are* coming back, greylisting is at the end the same only a little bit less stupid than this anti-spam-send-and-ask-a-confirmation-mail things Greylisting makes use to the features of the SMTP protocol that spammers usually don't bother to implement, because it would make their programs more complicated and would decrease their delivery rate considerably. also that spammers don't come back is an illusion, According to http://projects.puremagic.com/greylisting/whitepaper.html it's not an illusion. firstable they do it for money and secondable if they don't come back from the same source they come back from another and either one might be spoofed so you can greylisting yourself to death because sooner or later all sources are blacklisted or you're rewriting continuously your whitelists and both are probably unreliable at the end Read the abovementioned whitepaper. And remember that there is no silver bullit against spam. Greylisting, SPF, spamfilters etc. all have their place and use. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpvDeAIAxG4o.pgp Description: PGP signature
Re: Loosing spam fight - [EMAIL PROTECTED]
On 2007.01.27 13:04:28 -0200, JoaoBR wrote: On Saturday 27 January 2007 12:32, Jim Pingle wrote: Roland Smith wrote: Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. ... Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. finally some cares about the users here, that is a really important point, how do you justify that your client get the email he is waiting for an hour later? Probably he looks then for a better service provider ... Could this discussion please be continued on the apropriate list which is designed for spam - [EMAIL PROTECTED] Thanks. -- Simon L. Nielsen ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Saturday 27 January 2007 13:04, Roland Smith wrote: That's not a bonus. Think about it. Sending a message twice will cut the spammer's mail delivery rate at least in half. nobody cares about this, what counts is the hit rate, more you get delivered merrier the return, that means more you reject more is send in order to get the desired profit Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. There is no silver bullit. But currently greylisting seems to stop around 95% of spam, and a lot of e-mail based virusus too. See the link above. this number is absolute not true, depending on how popular your mail server is or your domain names are you get a constant rate hammered into you network and it does not matter if you use greylists or whatever *rejecting* method the only real effective method is delaying the connection, counting on that the sending server is timing out without getting response. A correct smtp server will wait enough but spammer servers/programms are not waiting a minute for delivering each message It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. Since the cure for greylisting involves at least cutting the spam rate in half, I doubt many spammers will adopt it. there is no cure spammer will stop adopting when people stop getting horny or greedy so I guess your approach is failing sadly :) As for delaying legitimate mail, SMTP is considered an unreliable transport. That is why RFC 821 allows for temporary failures. If you want to contact someone about something that is time-critical, you shouldn't use e-mail anyway. people, as normal internet users, which are the main spammer target, do use email as it is and they do not care about *why* the message is not coming in but they care about that it is *not* coming in within a acceptable time span of some minutes or so - which by the way is the correct thinking -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight - [EMAIL PROTECTED]
On Sat, Jan 27, 2007 at 04:23:13PM +0100, Simon L. Nielsen wrote.. On 2007.01.27 13:04:28 -0200, JoaoBR wrote: On Saturday 27 January 2007 12:32, Jim Pingle wrote: Roland Smith wrote: Most spammers do not bother to return if they get a resend request. That's the whole point of doing this. So practically it doesn't increase bandwidth consumption. ... Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. finally some cares about the users here, that is a really important point, how do you justify that your client get the email he is waiting for an hour later? Probably he looks then for a better service provider ... Could this discussion please be continued on the apropriate list which is designed for spam - [EMAIL PROTECTED] Or -chat, or wherever, but not on -stable please. -- Wilko Bulte [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight - [EMAIL PROTECTED]
On Saturday 27 January 2007 13:23, Simon L. Nielsen wrote: Could this discussion please be continued on the apropriate list which is designed for spam - [EMAIL PROTECTED] lists.freebsd.org Mailing Lists No such list devnull could you please provide correct information in order to follow your instructions? -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Sat, Jan 27, 2007 at 01:04:28PM -0200, JoaoBR wrote: Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. finally some cares about the users here, that is a really important point, how do you justify that your client get the email he is waiting for an hour later? Probably he looks then for a better service provider ... The standard requires a retry time of at least 30 minutes: http://tools.ietf.org/html/rfc2821#section-4.5.3 But most open-source MTA's will try to resend after around 15 minutes: http://en.wikipedia.org/wiki/Greylisting Note that the SMTP protocol does not guarantee delivery within a certain timeframe. There are timeouts of several minutes for each of the SMTP commands. This means that a full SMTP conversation can last at least 1/2 hour, from one server to another. In short, an extra hour transit time is not a fault or bad service as far as SMTP is concerned. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpWD0mXgHI29.pgp Description: PGP signature
Re: Loosing spam fight
On Saturday 27 January 2007 13:39, Roland Smith wrote: On Sat, Jan 27, 2007 at 01:04:28PM -0200, JoaoBR wrote: Greylisting is a decent idea, but it seems to me that it's just another tool in the ongoing arms race against spammers. It may work for a while, but eventually they'll catch on and it will only cause unnecessary delays for legitimate mail. finally some cares about the users here, that is a really important point, how do you justify that your client get the email he is waiting for an hour later? Probably he looks then for a better service provider ... The standard requires a retry time of at least 30 minutes: http://tools.ietf.org/html/rfc2821#section-4.5.3 But most open-source MTA's will try to resend after around 15 minutes: http://en.wikipedia.org/wiki/Greylisting Note that the SMTP protocol does not guarantee delivery within a certain timeframe. I guess most servers do retry after 1-4 hours There are timeouts of several minutes for each of the SMTP commands. This means that a full SMTP conversation can last at least 1/2 hour, from one server to another. yes, therefore it does not make sense retrying after 10 or even 31 minutes In short, an extra hour transit time is not a fault or bad service as far as SMTP is concerned. that is certainly a technical and political excuse which nobody want to hear for getting email late, because the common understanding is getting an email on earth within some minutes -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight - [EMAIL PROTECTED]
On Sat, 27 Jan 2007 13:34-0200, JoaoBR wrote: could you please provide correct information in order to follow your instructions? plz ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Sat, 27 Jan 2007 13:50:26 -0200 JoaoBR [EMAIL PROTECTED] wrote: that is certainly a technical and political excuse which nobody want to hear for getting email late, because the common understanding is getting an email on earth within some minutes everybody: ENOUGH ALREADY! Take this discussion off the -stable list! -- Regards, Torfinn Ingolfsen, Norway ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Saturday 27 January 2007 14:19, Torfinn Ingolfsen wrote: everybody: ENOUGH ALREADY! Take this discussion off the -stable list! are you my boss or something? go swimming in your fjord, eat some lemmings and cool down man -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Enough already [was: Re: Loosing spam fight]
On 2007-01-27, JoaoBR wrote: On Saturday 27 January 2007 14:19, Torfinn Ingolfsen wrote: everybody: ENOUGH ALREADY! Take this discussion off the -stable list! are you my boss or something? go swimming in your fjord, eat some lemmings and cool down man No, he's not your boss. You, on the other hand, are a moron and a complete menace to the usefulness of this mailing list. Take your whining about whatever it is to some place that wants to hear it and leave the FreeBSD-stable list to those of us who want to address matters that pertain to the list's purpose. The mere fact that you want to waste our time with off-topic crap does not give you any right to do that. People have asked you politely and you have been too stupid to take any notice, so now it's time for us to treat you with the same rudeness that you have shown us. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Enough already [was: Re: Loosing spam fight]
On Saturday 27 January 2007 20:46, [EMAIL PROTECTED] wrote: No, he's not your boss. You, on the other hand, are a moron and a complete menace to the usefulness of this mailing list. Take your whining about whatever it is to some place that wants to hear it and leave the FreeBSD-stable list to those of us who want to address matters that pertain to the list's purpose. The mere fact that you want to waste our time with off-topic crap does not give you any right to do that. People have asked you politely and you have been too stupid to take any notice, so now it's time for us to treat you with the same rudeness that you have shown us. get yourself some education kid -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Enough already [was: Re: Loosing spam fight]
JoaoBR wrote: On Saturday 27 January 2007 20:46, [EMAIL PROTECTED] wrote: No, he's not your boss. You, on the other hand, are a moron and a complete menace to the usefulness of this mailing list. Take your whining about whatever it is to some place that wants to hear it and leave the FreeBSD-stable list to those of us who want to address matters that pertain to the list's purpose. The mere fact that you want to waste our time with off-topic crap does not give you any right to do that. People have asked you politely and you have been too stupid to take any notice, so now it's time for us to treat you with the same rudeness that you have shown us. get yourself some education kid It's already been proven you have nothing to say on the matter, other than what has been said, or the obvious. Do us all a favour and give up. -- Joe Holden Telephone: +44 (0) 207 100 9593 Email: [EMAIL PROTECTED] Website: http://www.joeholden.co.uk IRC: [EMAIL PROTECTED]/#FreeBSD ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Thursday 25 January 2007 11:18, Peter N. M. Hansteen wrote: JoaoBR [EMAIL PROTECTED] writes: all this methods are certainly useless, stay calm ok I fully sympathize with your need to rant, but in this context most of what you say is really quite beside the point. Please read what the material at the links provided actually says. the articles you linked show how to implement pf like I said, for my understandings firewall implemention for spam fighting is wrong because you reject the message unless you are the man of a corporate network you do have *NO* right to decide which message your users receive or not. May be some *WANT* viagra offers and others *WANT* a bigger penis so the only correct decision is to filter spam and put it into a spam folder where the user can review it and decide by his own if want it or not but may be, to change your opinion, you need to loose a case being responsible for some having a small penis and pay him his losses hihihihi, 100k/inch or something hihihi laugh with me and have a good day :) -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Fri, 2007-Jan-26 09:24:58 -0200, JoaoBR wrote: like I said, for my understandings firewall implemention for spam fighting is wrong because you reject the message Except that the original mail was talking about greylisting. This won't reject any mail sent from a MTA that correctly implements SMTP. According to the SMTP specs, I am perfectly at liberty to tell you that I can't accept your mail right now, please try again later. -- Peter Jeremy pgpvKL9pCcmYU.pgp Description: PGP signature
Re: Loosing spam fight
On Thursday 25 January 2007 04:08, Peter N. M. Hansteen wrote: For purposes of making the subject less true, setting up greylisting with an optional tarpit for known baddies can be very effective. See Dan Langille's recent Onlamp article[1] or for that matter my tutorial[2] for how this is done using PF and spamd - this way it doesn't matter much which MTA(s) you use. [1] http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html [2] http://home.nuug.no/~peter/pf/en/, with the specifics of spamd and greylisting starting at http://home.nuug.no/~peter/pf/en/spamd.html all this methods are certainly useless, stay calm ok the only way to block spam really is blocking any incoming tcp:25 ... any firewall based method you may use do block innocents as well, ike some do they block entire IP ranges from countries because most spam comes from them, that is stupid, more brainless since the spam mostly is not generated by any of this servers, it only goes through it, this method might cause *you* not getting this spam but does not stop spam at all ... probably better, if you like firewall blocks, cutting the complete US IP address space from sending to any tcp:25 to stop spam definitly, because I never heard of chinese or african viagra hahahaha spam block list abviously are very usefull so long as they are maintained IMO a good way and probably the best way is to do some inicial checks like connection rate and limit them, then a spam checker like spamassassin for regex and header checks still you get SPAM and you never can block spam 100%, spammers change servers, IPs, patterns faster then we can react, but we all know this right? and even then if you get it all into your box you still get spam by whom sends it out without caring of identity or hiding it, a correct email msg but spam where spam needs to be catched is at the origin, ISPs should take care of this problem by not permitting access to outside servers but only passing through their smtp gateways, an outgoing spam check is what needs to be done but here nobody cares ... -- João A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura. Service fornecido pelo Datacenter Matik https://datacenter.matik.com.br ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
Woah you just made my day Saying dspam or greylisting is useless ;) I hope you mean that by ironic - no you cannot block 100% spam but 99.99% effectivly which I already do even productive. But not with sendmail (who is using sendmail these days?) cheers JoaoBR wrote: On Thursday 25 January 2007 04:08, Peter N. M. Hansteen wrote: For purposes of making the subject less true, setting up greylisting with an optional tarpit for known baddies can be very effective. See Dan Langille's recent Onlamp article[1] or for that matter my tutorial[2] for how this is done using PF and spamd - this way it doesn't matter much which MTA(s) you use. [1] http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html [2] http://home.nuug.no/~peter/pf/en/, with the specifics of spamd and greylisting starting at http://home.nuug.no/~peter/pf/en/spamd.html all this methods are certainly useless, stay calm ok the only way to block spam really is blocking any incoming tcp:25 ... any firewall based method you may use do block innocents as well, ike some do they block entire IP ranges from countries because most spam comes from them, that is stupid, more brainless since the spam mostly is not generated by any of this servers, it only goes through it, this method might cause *you* not getting this spam but does not stop spam at all ... probably better, if you like firewall blocks, cutting the complete US IP address space from sending to any tcp:25 to stop spam definitly, because I never heard of chinese or african viagra hahahaha spam block list abviously are very usefull so long as they are maintained IMO a good way and probably the best way is to do some inicial checks like connection rate and limit them, then a spam checker like spamassassin for regex and header checks still you get SPAM and you never can block spam 100%, spammers change servers, IPs, patterns faster then we can react, but we all know this right? and even then if you get it all into your box you still get spam by whom sends it out without caring of identity or hiding it, a correct email msg but spam where spam needs to be catched is at the origin, ISPs should take care of this problem by not permitting access to outside servers but only passing through their smtp gateways, an outgoing spam check is what needs to be done but here nobody cares ... -- Georg 'Therion' Bege http://coruscant.info http://www.ninth-art.de [EMAIL PROTECTED] therion at ninth minus art dot de GnuPG-Key-ID: 0x5717E214 FingerPrint: A8EC B4B2 C9A9 483B CC87 56EE 07A1 C78E 5717 E214 !DSPAM:45b890c4896261974110222! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Thu, Jan 25, 2007 at 12:11:43PM +0100, Georg Bege wrote: Woah you just made my day Saying dspam or greylisting is useless ;) I hope you mean that by ironic - no you cannot block 100% spam but 99.99% effectivly which I already do even productive. But not with sendmail (who is using sendmail these days?) I do, and I have a hitquote arounf 99% as well. I'm using spamassassin and greylisting. Works pretty good. Filter/Tagging spam isn't a MTA problem, it's a configuration problem. You can do anything on any MTA. bye Estartu -- Gerhard Schmidt| Nick : estartu IRC : Estartu | Fischbachweg 3 || PGP Public Key 86856 Hiltenfingen | EMail: [EMAIL PROTECTED] | on request Germany|| pgpZRfkvRxtzj.pgp Description: PGP signature
Re: Loosing spam fight
JoaoBR [EMAIL PROTECTED] writes: all this methods are certainly useless, stay calm ok I fully sympathize with your need to rant, but in this context most of what you say is really quite beside the point. Please read what the material at the links provided actually says. any firewall based method you may use do block innocents as well, ike some do they block entire IP ranges from countries because most spam comes from them, Blocking entire subnets is generally not useful, and unmaintained blacklists are worse than useless. Which exactly is why I advocate using spamd in pure greylisting mode, possibly supplemented with aggressively maintained blacklists such as Bob Beck's traplist and potentially with local greytrapping. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ First, we kill all the spammers The Usenet Bard, Twice-forwarded tales delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Loosing spam fight
Hi there, I know it's not the right list to write to, but I'll still try a shot. I'm running sendmail in my FreeBSD box and wish to block mails comming from domains with no ptr configs. Am I missing something? My sendmail-rx.mc is like this FEATURE(`access_db',`hash -TTMPF -o /etc/mail/access.db')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`ALIAS_FILE', `/etc/mail/aliases')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl FEATURE(`use_cw_file')dnl FEATURE(`use_ct_file')dnl FEATURE(`use_client_ptr')dnl FEATURE(`delay_checks')dnl dnl # dnl # configuracoes de lista de spammers dnl # FEATURE(`dnsbl', `dul.dnsbl.sorbs.net', `550 Mail from $`'{client_addr} refused - see http://www.dul.dnsbl.sorbs.net/;') FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Mail from $`'{client_addr} refused - see http://www.spamhaus.org/sbl/;') FEATURE(`dnsbl', `list.dsbl.org', `550 Mail from $`'{client_addr} refused - see http://dsbl.org/;') FEATURE(`dnsbl', `bl.spamcop.net', `450 Mail from $`'{client_addr} refused - see http://spamcop.net/bl.shtml;') dnl # -- []'s chmod000 Microsoft butterfly is their way of telling you their system has a lot of @#$ bugs! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On Wed, 24 Jan 2007 15:03:06 -0200 Gustavo Feijó [EMAIL PROTECTED] wrote: FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Mail from Try replacing with 'zen.spamhaus.org'. Can't comment on the others. Are you only using RBLs for spam prevention? HTH, Dominic ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
On 1/24/07, Gustavo Feijó [EMAIL PROTECTED] wrote: Hi there, I know it's not the right list to write to, but I'll still try a shot. There is freebsd-isp@, as well :) I'm running sendmail in my FreeBSD box and wish to block mails comming from domains with no ptr configs. Am I missing something? My sendmail-rx.mc is like this FEATURE(`access_db',`hash -TTMPF -o /etc/mail/access.db')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`ALIAS_FILE', `/etc/mail/aliases')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl FEATURE(`use_cw_file')dnl FEATURE(`use_ct_file')dnl FEATURE(`use_client_ptr')dnl FEATURE(`delay_checks')dnl dnl # dnl # configuracoes de lista de spammers dnl # FEATURE(`dnsbl', `dul.dnsbl.sorbs.net', `550 Mail from $`'{client_addr} refused - see http://www.dul.dnsbl.sorbs.net/;') FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Mail from $`'{client_addr} refused - see http://www.spamhaus.org/sbl/;') FEATURE(`dnsbl', `list.dsbl.org', `550 Mail from $`'{client_addr} refused - see http://dsbl.org/;') FEATURE(`dnsbl', `bl.spamcop.net', `450 Mail from $`'{client_addr} refused - see http://spamcop.net/bl.shtml;') dnl # -- []'s chmod000 Microsoft butterfly is their way of telling you their system has a lot of @#$ bugs! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] -- If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loosing spam fight
For purposes of making the subject less true, setting up greylisting with an optional tarpit for known baddies can be very effective. See Dan Langille's recent Onlamp article[1] or for that matter my tutorial[2] for how this is done using PF and spamd - this way it doesn't matter much which MTA(s) you use. [1] http://www.onlamp.com/pub/a/bsd/2007/01/18/greylisting-with-pf.html [2] http://home.nuug.no/~peter/pf/en/, with the specifics of spamd and greylisting starting at http://home.nuug.no/~peter/pf/en/spamd.html -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ First, we kill all the spammers The Usenet Bard, Twice-forwarded tales delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]