[linux-elitists] www.securitysage.com broken CR system?

Karsten M. Self kmself@ix.netcom.com
Sat Oct 4 16:45:42 PDT 2003


on Sat, Oct 04, 2003 at 11:00:51AM -0700, Dan Wilder (dan@ssc.com) wrote:
> Hi, all.
> 
> Writing to find out whether I'm at risk of getting silently
> dropped from the list.
> 
> SSC's backup mx, ns2.ssc.com, has installed email body checks from 
> 
>   http://www.securitysage.com/guides/postfix_uce_body.html
> 
> and configured the mailer there to respond:
> 
> 550 Error: SecuritySage SPAM-ID: b20030701-296001 Your email had 
> spam-like body contents. To report this mess age as non-spam, 
> please follow the instructions available at 
> http://www.securitysage.com/spam.html

If it's doing this at SMTP time (and from the snipped above, it appears
it's issuing a 550 SMTP permanent delivery error), this is the right way
to do things.

Annoyance factor is then determined by how accurate the spam filtering
is.

Frankly, if they've got decent filters, this is very much the way I'd
encourage *many* SMTPs to be set up.

> My question for the list is whether this comes under the heading
> of "broken challenge-response systems" as discussed at
> 
>   http://zgp.org/mailman/listinfo/linux-elitists
> 
> The system challenges only emails it doesn't like.  

It's not challenging.  It's rejecting.

> As noted in previous CR threads, no doubt flooding innocent third
> parties with mysterious challenges in the process.

Nope. Telling the sending SMTP server that delivery was refused.  If a
message is generated, it's the remote server's issue.

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
   GNU/Linux & BSD:  We *are* the way out.
     http://www.wehadthewayout.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20031005/17494fac/attachment.pgp 


More information about the linux-elitists mailing list