[PLUG-TALK] Is it just me, or...

Michael C. Robinson michael at goose.robinson-west.com
Mon Sep 15 15:52:11 PDT 2003

On Mon, 2003-09-15 at 10:56, Russ Johnson wrote:
> On 15 Sep 2003 01:19:43 -0700
> "Michael C. Robinson" <michael at goose.robinson-west.com> wrote:
> > What I need is a firewall that blocks anyone trying to
> > smtp me until a lookup can be done on the address a connection 
> > attempt is being made from to determine that that address is 
> > registered somewhere.
> Most MTAs support this. Check to see if yours supports domain lookup. 

I'm using sendmail-8.12.9 and I have the sendmail book 
from O'Reilly that my brother left to me, does anyone 
know where I need to look for information on how to set 
up requiring a positive domain lookup before accepting 
a connection?  I've been happy with this version of 
sendmail, it's a little unusual because it doesn't 
run as root, though that should help with security.

I figure if spammers spam from MTA substitutes that 
checking registration before allowing inbound connections 
should help significantly in keeping spam out.

My recommendation to anyone setting up their own mail
site is to use non revealing email names.  I'm seriously 
looking into changing mine to a meaningless string to
be less of a target.  Are there any registrars that don't
require putting your actual name out there for whois queries?
I'm getting so I'd much rather go by a gender neutral alias.

It's just too easy for someone to query these databases and
target individuals based on gender, etc.  I read a HOWTO
that said to use register.com so that's what I used.  I
wish there was a third party legally bonded proxy for the 
contacts as that would be so much safer.  Alas, I probably 
can't afford such a service.

The good news is that I seem to be getting on top of it
for now.  I've been able to block spam by blocking ips
and filtering out the good email using procmail.  
I think I'm down to the stuff that everyone gets.  I'll 
probably dump the account though if another nasty spam 
comes in. 

     --  Michael

More information about the PLUG-talk mailing list