From owner-freebsd-security@FreeBSD.ORG Sat May 15 04:24:19 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F3F716A4CE for ; Sat, 15 May 2004 04:24:19 -0700 (PDT) Received: from huva.hittite.isp.9tel.net (huva.hittite.isp.9tel.net [62.62.156.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7863C43D53 for ; Sat, 15 May 2004 04:24:18 -0700 (PDT) (envelope-from clefevre-lists@9online.fr) Received: from pc2k (178-116-118-80.kaptech.net [80.118.116.178]) by huva.hittite.isp.9tel.net (Postfix) with SMTP id 4033E9DE2E; Sat, 15 May 2004 13:25:41 +0200 (CEST) Message-ID: <045a01c43a6f$290a2c90$7890a8c0@dyndns.org> From: "Cyrille Lefevre" To: "Gregory Sutter" , "Fernando Schapachnik" References: <777BCABEE522D5119E3E00508B6CA0B802E9AA95@CYBHQMSX05><20040514114059.GD306@bal740r0.mecon.gov.ar> <20040515070914.GD73800@klapaucius.zer0.org> Date: Sat, 15 May 2004 13:24:16 +0200 Organization: ACME MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 cc: freebsd-security@freebsd.org Subject: Re: How do fix a good solution against spam.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 May 2004 11:24:19 -0000 > On 2004-05-14 08:40 -0300, Fernando Schapachnik wrote: > > As everybody is throwing in their favorite anti-spam solutions, here's mine: > > > > http://www.paganini.net/ask/ > > > > From the home page: > > > > ASK takes advantage of the fact that most spammers use invalid or > > fake "From:" address in their messages. When a new message arrives > > and the sender is unknown, ASK sends a "confirmation message" > > back, informing the sender that the original message has been > > queued, pending confirmation. When the sender confirms (a simple > > reply), ASK delivers the original message and adds the sender to a > > "whitelist". Further messages from this sender will be immediately > > delivered. > > (I apologize for posting this O/T message.) > > Here's a well-thought-out argument against systems of this type: > > Challenge-Response Anti-Spam Systems Considered Harmful > http://kmself.home.netcom.com/Rants/challenge-response.html I don't know ask, but I'm using tmda which is configured to NOT send any query. this way, the offending messages are queued until I release or delete them using tmda-pending. so, such tool may not be so problematic, but the configuration or the implementation may be :( the first versions of tmda don't allow to not bounce, the first thing I've done was to patch tmda to go this way, then I submit the patch which wasn't accepted at first. the time beeing, it was implemented differently, but the idea was kept :P here is the trick : echo 'ACTION_INCOMING = "hold"' >> ~/.tmda/config don't know if ask may hold queries instead of bouncing ? Cyrille Lefevre. -- home: mailto:cyrille.lefevre@laposte.net