[linux-elitists] Swen

tek tek@pervasivenetwerks.com
Tue Sep 23 09:48:41 PDT 2003


> > > What I don't care to generate is return to sender bounce messages
> > > that go to people that didn't send a virus to begin with. I assert
> > > that the bounce messages, just in sheer volume, are as bad as the
> > > virus spam that caused them.

blocking it at smtp will not generate a bounce it will when correctly configured 
however generate an error message to the sending party, if the sending party is 
a live breathing person they will see the error message and it gives them 
instructions as to why email was rejected if however its a spammer he doesnt 
have the time to read through any failures he is sending hundreds of thousands 
of emails and he just jumps to the next sucker on the list. 

> > 
> > But that's just the point.  When you block a virus email at the SMTP
> > level, you're usually blocking the computer which is actually infected
> > with the virus.  And if it's not, the computer relaying it to you is
> > an open relay, which you shouldn't be accepting email from anyway.

Correct, and if its an open relay they see a message such as this.
---snip---
Sep 23 09:21:55 mail postfix/smtpd[15540]: reject: RCPT from outbound34.endril.
com[206.62.136.14]: 554 Service unavailable; [206.62.136.14] blocked using bl.
spamcop.net, reason: Blocked - see http://spamcop.net/bl.shtml?206.62.136.14; 
from=<ssk1m@securefuture.tv> to=<lupe@scplumbing.com>
---snip---
if someone is spamming they will see your using a rbl, nothing they can do about 
that to get to you other than dos the rbl as happened to joe jared of osirisoft. 
your still ahead and they are left playing catch-up.

> 
> The computer relaying it to you may be legitimately relaying it to you.
> If your domain has multiple MX hosts, not all run by you, then they may
> acept messages that will get blocked by your "real" MTA at SMTP time.
> Thus generating a bounce message from the relaying MTA.

how much are you willing to deal with because of someone else has not 
configuring the relaying mail server correctly?
that is my question.
if the relaying mta is accepting mail with forged headers then you know where 
the problem is. got root?

> 
> -- 
>  \       "We must respect the other fellow's religion, but only in the 
> |  `\       sense and to the extent that we respect his theory that 
> his | _o__)  wife is beautiful and his children smart."  -- Henry L. 
> Mencken | Ben Finney <ben@benfinney.id.au>

--
o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o
| Linux Solutions Provider, Linux Consultant and IT Services. |
0           Windows to Linux Migration Specialists            0
|              http://www.pervasivenetwerks.com               |  
o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o
              PGP Key Fingerprint
AA05 B115 5019 754A A151 04F2 822D A1C9 EAB6 AA5B



More information about the linux-elitists mailing list