Double Irony! (was Re: [linux-elitists] ruben's stupid filter)

Marc MERLIN marc@merlins.org
Sun Mar 24 21:42:26 PST 2002


On Sun, Mar 24, 2002 at 01:41:30PM -0800, Dan Wilder wrote:
> I'm playing with automating the idea of SMTP blacklisting mail from those 
> who refuse bounces from our mailer-daemon.  Have been doing something

That's easy, I already have this on sourceforge.net, it's completely
automated with SMTP callbacks:
moremagic:~$ telnet lists.sf.net 25
Trying 216.136.171.198...
Connected to lists.sf.net.
Escape character is '^]'.
220 usw-sf-list1.sourceforge.net ESMTP Exim 3.31-VA-mm2 #1 Sun, 24 Mar 2002 21:36:16 -0800 - SF usw-list mm5
helo domain
250 usw-sf-list1.sourceforge.net Hello m206-12.dsl.tsoft.com [198.144.206.12]
mail from: <foobar@beatware.com>
250 <foobar@beatware.com> is syntactically correct
rcpt to: merlin@sf.net
250 <merlin@sf.net> is syntactically correct
data
354 Enter message, ending with "." on a line by itself
.
550-Envelope sender verification failed
550 rejected: Cannot route to envelope sender <foobar@beatware.com> (The envelope sender does not exist according to your mail server when it was asked): response from mailhost.beatware.com [209.237.6.135] after "MAIL FROM: <>" was "501 bogus mail from". This does not help fight spam effectively, breaks RFCs, and prevents you from getting bounces so we can't accept mail from you

> This catches, for example, hotmail, which refuses bounces, but which also

That's not true.
Connected to mx06.hotmail.com.
Escape character is '^]'.
220-HotMail (NO UCE) ESMTP server ready at Sun, 24 Mar 2002 21:38:26 -0800 
220 ESMTP spoken here
ehlo domain
250-hotmail.com Hello
250-8bitmime
250 SIZE 1572864
mail from: <>
250 Requested mail action okay, completed
rcpt to: <laurentpontier@hotmail.com>
250 Requested mail action okay, completed
data
354 Start mail input; end with <CRLF>.<CRLF>
From: mailer-daemon@merlins.org
To: laurentpontier@hotmail.com
Subject: test

Do not reply, thank you :-)
.
250 Requested mail action okay, completed
quit
221 Service closing transmission channel

> Unfortunately the RFCs appear to prohibit validating the actual
> sending host against DNS and then declining mail based on that
> validation.  That'd catch a large part of the spam that comes in.

I don't see which RFC forbids one, and even if there were to be one, I
wouldn't care and do SMTP callbacks anyway.
BTW, for those curious of the checks that sourceforge.net does on a piece
of mail, see:
http://sourceforge.net/docman/display_doc.php?docid=6747&group_id=1

> Aside from RFC considerations, this is not feasible on pragmatic 
> grounds: way too many legitimate hosts with broken DNS.

Do you mean forward and reverse on the calling host? Yeah, I don't do that,
because it probably catches as much legitimate mail as it catches spam.

But I will not accept an envelope sender that is broken in any way.

Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
  
Home page: http://marc.merlins.org/   |   Finger marc_f@merlins.org for PGP key
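
Added example, not part of the original post and not SourceForge's Exim configuration: the accept/reject/defer decision behind the SMTP callback shown in the transcripts above, in Python. The `send` transport, the `scripted` fake servers, the `verifier.example` HELO name and the 451 and connection-refused cases are assumptions constructed for illustration; the 501 reply is the one quoted in the post.

```python
# Added example: decision logic of an SMTP sender-verification callout.
# `send` is a hypothetical transport, send(command) -> (code, text); against
# a live host it could wrap smtplib.SMTP.docmd. The scripted servers below
# are constructed stand-ins so the example runs offline.

def callout(sender, send, helo="verifier.example"):
    """Return (verdict, reason); verdict is 'accept', 'reject' or 'defer'."""
    if sender in ("", "<>"):
        # A bounce has no sender to call back; probing it would loop.
        return "accept", "null sender, nothing to call back"
    # The probe is itself a bounce: null envelope sender, addressed to the
    # sender under test. It stops after RCPT and never issues DATA.
    probe = ("HELO " + helo, "MAIL FROM:<>", "RCPT TO:<%s>" % sender)
    try:
        for cmd in probe:
            code, text = send(cmd)
            if 500 <= code <= 599:        # permanent refusal: sender is unusable
                return "reject", 'response after "%s" was "%d %s"' % (cmd, code, text)
            if not 200 <= code <= 299:    # 4xx or unexpected: do not reject on this
                return "defer", 'temporary "%d %s" after "%s"' % (code, text, cmd)
        return "accept", "sender host accepts a bounce to " + sender
    except OSError as exc:                # host down or unreachable: retry later
        return "defer", "callout could not complete: %s" % exc
    finally:
        try:
            send("QUIT")
        except OSError:
            pass

def scripted(replies, log=None):
    """Constructed fake server: reply keyed on the command verb, default 250."""
    def send(cmd):
        if log is not None:
            log.append(cmd)
        reply = replies.get(cmd[:4], (250, "ok"))
        if isinstance(reply, Exception):
            raise reply
        return reply
    return send

REFUSES_BOUNCES = {"MAIL": (501, "bogus mail from")}   # reply quoted in the post
ACCEPTS_BOUNCES = {}                                   # 250 to every command
TEMPFAIL = {"RCPT": (451, "try again later")}          # constructed
DOWN = {"HELO": ConnectionRefusedError("refused")}     # constructed

if __name__ == "__main__":
    for name, srv in [("refuses", REFUSES_BOUNCES), ("accepts", ACCEPTS_BOUNCES),
                      ("tempfail", TEMPFAIL), ("down", DOWN)]:
        print(name, callout("foobar@beatware.com", scripted(srv)))
```

A "defer" verdict maps to a temporary SMTP failure on the inbound message, so a sender whose mail host is merely unreachable is retried rather than permanently refused.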


