[PLUG] NO ptr record for lists.pdxlinux.org...

Carla Schroder carla at bratgrrl.com
Sun Sep 28 16:55:03 UTC 2003


On Sunday 28 September 2003 3:50 pm, Michael C. Robinson wrote:
> About six sites didn't resolve.  I think part of the problem is that
> you often have to ask the ISP to enter a reverse record because the
> ISP controls it.  I bet 90+% of UCE comes from sites that don't have
> a PTR record.  Sites need to be required to have abuse addresses
> that work.  If you don't figure out how to deny a connection for
> spammers, you've lost to them.  I think a lot of people spam
> regardless of whether or not they get the reply they want based
> on perhaps as little as where you've been or even less than that.

The Holy Grail of email management is finding that magic method of identifying 
spam. Unfortunately there is no magic spam key. It's a continually escalating 
war, and the dirty bastards ruin everything they touch. They're like rats who 
piss on what they can't eat. William James said it best in "Thanks the 
Spammers", http://www.spamreaper.com/thankspammers.html

Spammers get paid to send zillions of messages. I doubt that many care how 
many are received, let alone read. 

> One option is a program that tests email to see if it's spam then
> email a reply back if it is deemed so indicating why.  Unfortunately,
> the reply-to address can be wrong or in the case of some spammers,
> disabled because they are abusive.  I've seen cases where the abuse
> address is disabled also, this is true for yahoo.com.  I block
> yahoo.com now because I get spam from it and can't complain about
> it.

Most spam not only has forged return addresses, it's sent via open relays 
and hijacked proxies. Any kind of autoreply is as useless and annoying as 
those lame anti-virus programs that autoreply to the forged sender. Which is 
what, all of them?

>
> At ftp://ftp.robinson-west.com I have rfc2505, rfc2505.txt, which
> states that we should all be running PTR records and check for
> them with our mail servers as one measure to control and reduce
> spam.  My ISP controls my public subnet's reverse zone where I
> contact them about what records I need for it.  For my private
> dns I do forward and reverse dns for every computer on my lan.
> It's not hard to do reverse zones if you can do forward zones.

No, it's not difficult at all. I don't know why so many admins don't.

>
> Well I have some classmates in physics whose email addresses are
> the following, domain only: hotmail.com, msn.com, and hotmail.com
> again.  Are there reverse records for these domains or do I need
> to do something special under postfix to let my classmates email
> me so as not to abandon the deny unknown clients in the from
> line protection?
>

Having good whitelists is crucial when using any kind of filtering or 
blocking. I think blocking mail based on PTRs is going to lose a lot of 
legitimate mail. If it were me, I'd monitor the logs very closely, and make 
sure my whitelists were complete.

When you look at all the millions of winduhs boxes on cable/dsl that have been 
Trojaned and turned into happy little spam relays, and all the crap proxying 
software for winduhs that ships wide open, such as the extremely popular 
AnalogX, and all the other hijacked proxies and open relays in the world, and 
spam-friendly countries like Brazil, China, and Korea, and organized 
spam-crime gangs in Russia... well I don't know what to think, except it's a 
complex problem. And it's frustrating to have a pile of perfectly good 
sticks, and no spammers at hand to beat.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
www.tuxcomputing.com
this message brought to you
by Libranet 2.8 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~
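
The log monitoring suggested in the reply above, as an added example that is not part of the original post: it tallies PTR-based rejections by envelope sender domain so that known correspondents caught by the check can be reviewed for whitelisting. The log lines are constructed samples in the format Postfix smtpd uses for this rejection, and the function names and the known-domain set are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation addresses), in the format Postfix
# smtpd logs when a client with no PTR record is refused.
SAMPLE_LOG = """\
Sep 28 16:01:11 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.7.1 Client host rejected: cannot find your hostname, [192.0.2.10]; from=<alice@example.org> to=<me@example.net> proto=ESMTP helo=<mx1.example.org>
Sep 28 16:09:40 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.7.1 Client host rejected: cannot find your hostname, [192.0.2.10]; from=<alice@example.org> to=<me@example.net> proto=ESMTP helo=<mx1.example.org>
Sep 28 16:12:02 mail postfix/smtpd[2107]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 450 4.7.1 Client host rejected: cannot find your hostname, [198.51.100.7]; from=<> to=<me@example.net> proto=SMTP helo=<localhost>
Sep 28 16:15:30 mail postfix/smtpd[2110]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 450 4.7.1 Client host rejected: cannot find your hostname, [203.0.113.5]; from=<Bob@Example.COM> to=<me@example.net> proto=ESMTP helo=<pc5>
Sep 28 16:20:00 mail postfix/smtpd[2111]: connect from mail.example.org[192.0.2.25]
Sep 28 16:21:45 mail postfix/smtpd[2112]: NOQUEUE: reject: RCPT from mail.example.edu[192.0.2.77]: 554 5.7.1 <x@example.com>: Relay access denied; from=<y@example.edu> to=<x@example.com> proto=ESMTP helo=<mail.example.edu>
"""

# Matches only the "no PTR record" rejection, not other reject reasons.
PTR_REJECT = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[0-9A-Fa-f:.]+)\]: [45]\d\d .*?"
    r"Client host rejected: cannot find your hostname.*?from=<(?P<sender>[^>]*)>"
)

def tally_ptr_rejects(log_text):
    """Return {sender_domain: {"count": n, "ips": set_of_client_ips}}."""
    tally = defaultdict(lambda: {"count": 0, "ips": set()})
    for line in log_text.splitlines():
        m = PTR_REJECT.search(line)
        if not m:
            continue
        sender = m.group("sender")
        # An empty envelope sender (<>) is a bounce; keep it visible separately.
        domain = sender.rpartition("@")[2].lower() if "@" in sender else "(null sender)"
        tally[domain]["count"] += 1
        tally[domain]["ips"].add(m.group("ip"))
    return dict(tally)

def whitelist_candidates(tally, known_domains):
    """Rejected domains that belong to known correspondents.

    Envelope senders are easily forged, so these are candidates to review
    by hand (check the client IPs), not entries to whitelist automatically.
    """
    return sorted(d for d in tally if d in known_domains)

if __name__ == "__main__":
    tally = tally_ptr_rejects(SAMPLE_LOG)
    for domain, info in sorted(tally.items(), key=lambda kv: -kv[1]["count"]):
        print(f"{info['count']:3d}  {domain:15s} {', '.join(sorted(info['ips']))}")
    print("review:", whitelist_candidates(tally, {"example.org", "example.edu"}))
```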




