[PLUG] NO ptr record for lists.pdxlinux.org...
Carla Schroder
carla at bratgrrl.com
Sun Sep 28 16:55:03 UTC 2003
On Sunday 28 September 2003 3:50 pm, Michael C. Robinson wrote:
> About six sites didn't resolve. I think part of the problem is that
> you often have to ask the ISP to enter a reverse record because the
> ISP controls it. I bet 90+% of UCE comes from sites that don't have
> a PTR record. Sites need to be required to have abuse addresses
> that work. If you don't figure out how to deny a connection for
> spammers, you've lost to them. I think a lot of people spam
> regardless of whether or not they get the reply they want based
> on perhaps as little as where you've been or even less than that.
The Holy Grail of email management is finding that magic method of identifying
spam. Unfortunately there is no magic spam key. It's a continually escalating
war, and the dirty bastards ruin everything they touch. They're like rats who
piss on what they can't eat. William James said it best in "Thanks the
Spammers", http://www.spamreaper.com/thankspammers.html
Spammers get paid to send zillions of messages. I doubt that many care how
many are received, let alone read.
> One option is a program that tests email to see if it's spam then
> email a reply back if it is deemed so indicating why. Unfortunately,
> the reply-to address can be wrong or in the case of some spammers,
> disabled because they are abusive. I've seen cases where the abuse
> address is disabled also, this is true for yahoo.com. I block
> yahoo.com now because I get spam from it and can't complain about
> it.
Most spam not only has forged return addresses, they're sent via open relays
and hijacked proxies. Any kind of autoreply is as useless and annoying as
those lame anti-virus programs that autoreply to the forged sender. Which is
what, all of them?
>
> At ftp://ftp.robinson-west.com I have rfc2505, rfc2505.txt, which
> states that we should all be running PTR records and check for
> them with our mail servers as one measure to control and reduce
> spam. My ISP controls my public subnet's reverse zone where I
> contact them about what records I need for it. For my private
> dns I do forward and reverse dns for every computer on my lan.
> It's not hard to do reverse zones if you can do forward zones.
No, it's not difficult at all. I don't know why so many admins don't.
>
> Well I have some classmates in physics whose email addresses are
> the following, domain only: hotmail.com, msn.com, and hotmail.com
> again. Are there reverse records for these domains or do I need
> to do something special under postfix to let my classmates email
> me so as not to abandon the deny unknown clients in the from
> line protection?
>
Having good whitelists is crucial when using any kind of filtering or
blocking. I think blocking mail based on PTRs is going to lose a lot of
legitimate mail, if it were me I'd monitor the logs very closely, and make
sure my whitelists were complete.
When you look at all the millions of winduhs boxes on cable/dsl that have been
Trojaned and turned into happy little spam relays, and all the crap proxying
software for winduhs that ships wide open, such as the extremely popular
AnalogX, and all the other hijacked proxies and open relays in the world, and
spam-friendly countries like Brazil, China, and Korea, and organized
spam-crime gangs in Russia... well I don't know what to think, except it's a
complex problem. And it's frustrating to have a pile of perfectly good
sticks, and no spammers at hand to beat.
--
~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
www.tuxcomputing.com
this message brought to you
by Libranet 2.8 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~
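
Added example (not part of the original message): a small log check for the "monitor the logs very closely" advice above, assuming Postfix's usual "Client host rejected: cannot find your hostname" reject line. The sample log lines, addresses and the function name ptr_reject_report are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the usual Postfix smtpd log format (not real traffic).
SAMPLE_LOG = """\
Sep 28 16:01:02 mail postfix/smtpd[2101]: connect from unknown[203.0.113.7]
Sep 28 16:01:03 mail postfix/smtpd[2101]: reject: RCPT from unknown[203.0.113.7]: 450 Client host rejected: cannot find your hostname, [203.0.113.7]; from=<alice@hotmail.com> to=<me@example.org>
Sep 28 16:31:03 mail postfix/smtpd[2140]: reject: RCPT from unknown[203.0.113.7]: 450 Client host rejected: cannot find your hostname, [203.0.113.7]; from=<alice@hotmail.com> to=<me@example.org>
Sep 28 16:40:11 mail postfix/smtpd[2155]: reject: RCPT from unknown[198.51.100.23]: 450 Client host rejected: cannot find your hostname, [198.51.100.23]; from=<bob@msn.com> to=<me@example.org>
Sep 28 16:41:50 mail postfix/smtpd[2160]: reject: RCPT from unknown[192.0.2.99]: 450 Client host rejected: cannot find your hostname, [192.0.2.99]; from=<offers@bulk.example> to=<me@example.org>
Sep 28 16:42:07 mail postfix/smtpd[2161]: reject: RCPT from unknown[192.0.2.50]: 450 Client host rejected: cannot find your hostname, [192.0.2.50]; from=<> to=<me@example.org>
Sep 28 16:43:30 mail postfix/smtpd[2170]: reject: RCPT from mail.example.net[192.0.2.10]: 554 <x@example.com>: Relay access denied; from=<y@example.net> to=<x@example.com>
"""

# Matches only rejections caused by a missing PTR record; tolerates an
# enhanced status code (e.g. "450 4.7.1 ...") between the reply code and text.
REJECT_RE = re.compile(
    r"reject: RCPT from (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]: (?P<code>\d{3}) "
    r".*?Client host rejected: cannot find your hostname.*?"
    r"from=<(?P<sender>[^>]*)>"
)


def ptr_reject_report(log_text, expected_domains):
    """Split PTR rejections into whitelist candidates and everything else.

    Returns (review, other):
      review: sender domain -> set of client IPs, for domains you expect mail from
      other:  Counter of the remaining sender domains ("<>" is the null sender)
    Envelope senders are easily forged, so 'review' is a list to check by hand,
    not something to feed into a whitelist automatically.
    """
    expected = {d.lower() for d in expected_domains}
    review = defaultdict(set)
    other = Counter()
    for line in log_text.splitlines():
        m = REJECT_RE.search(line)
        if not m:
            continue  # not a reject, or rejected for another reason
        domain = m.group("sender").rpartition("@")[2].lower() or "<>"
        if domain in expected:
            review[domain].add(m.group("ip"))
        else:
            other[domain] += 1
    return dict(review), other


if __name__ == "__main__":
    review, other = ptr_reject_report(SAMPLE_LOG, ["hotmail.com", "msn.com"])
    for domain, ips in sorted(review.items()):
        print(f"review {domain}: {', '.join(sorted(ips))}")
    print("other rejected sender domains:", dict(other))
```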