Date:      Fri, 5 Apr 2002 18:16:59 +0930
From:      Greg Lehey <grog@lemis.com>
To:        "Philip J. Koenig" <pjklist@ekahuna.com>
Cc:        Questions@FreeBSD.ORG, Kris Kennaway <kris@obsecurity.org>
Subject:   Re: hub.freebsd.org spam policy
Message-ID:  <20020405181659.T68310@wantadilla.lemis.com>
In-Reply-To: <20020405075914777.AAA405@empty1.ekahuna.com@pc02.ekahuna.com>
References:  <20020404214543823.AAA153@empty1.ekahuna.com@pc02.ekahuna.com>; <20020405075914777.AAA405@empty1.ekahuna.com@pc02.ekahuna.com>

On Thursday,  4 April 2002 at 23:59:15 -0800, Philip J. Koenig wrote:
> On 4 Apr 2002, at 23:25, Kris Kennaway boldly uttered:
>
>> On Thu, Apr 04, 2002 at 01:45:43PM -0800, Philip J. Koenig wrote:
>> [I asserted that freebsd.org was using spam assassin based on some
>> list traffic I had seen]
>>
>> On Tue, 26 Mar 2002, Philip J. Koenig wrote:
>>> the specifics so I can take it up with the "anti-spam" utility
>>> authors. ("Spam-Assassin", if I'm not mistaken)
>>>
>>
>>  we don't use "Spam-Assassin".  never have.
>>
>> [end of message]

I missed this in the mass of verbiage in the earlier messages.
spamassassin is in fact quite useful, though it doesn't detect
messages with forged senders, the kind of problem that this message
would have caused had the sending MTA had reverse lookup:

Transcript of session follows.
  
 Out: 220 wantadilla.lemis.com ESMTP Postfix
 In:  EHLO mydomain.com
 Out: 250-wantadilla.lemis.com
 Out: 250-PIPELINING
 Out: 250-SIZE 10240000
 Out: 250-ETRN
 Out: 250 8BITMIME
 In:  RSET
 Out: 250 Ok
 In:  MAIL FROM:<webmaster@hotmail.com>
 Out: 250 Ok
 In:  RCPT TO:<majordomo@lemis.com>
 Out: 450 Client host rejected: cannot find your hostname, [202.73.166.164]
 In:  RSET
 Out: 250 Ok
 In:  QUIT
 Out: 221 Bye

BTW, does anybody understand why spam lists now include majordomo@?

I've written a series of procmail rules to catch this stuff, something
like:

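# Received: header shows a hotmail.com host with its bracketed IP: deliver to the inbox
:0
* ^Received: .*hotmail\.com \[
/var/mail/grog

# Otherwise, a From: address at hotmail.com is filed as caught spam
:0
* ^From: .*@hotmail\.com
/home/grog/Mail/caughtspam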

While looking at this, of course, consider this alternative message
which also bounced:

Transcript of session follows.
  
 Out: 220 wantadilla.lemis.com ESMTP Postfix
 In:  EHLO localhost.localdomain
 Out: 250-wantadilla.lemis.com
 Out: 250-PIPELINING
 Out: 250-SIZE 10240000
 Out: 250-ETRN
 Out: 250 8BITMIME
 In:  MAIL From:<uis@daum.net> SIZE=13237 BODY=8BITMIME
 Out: 250 Ok
 In:  RCPT To:<grog@lemis.com>
 Out: 450 Client host rejected: cannot find your hostname, [61.37.27.30]

I don't know if it's spam or not.  It's definitely misconfigured.

Anyway, it's about time somebody ported spamassassin.  It catches most
spam, and it doesn't seem to have too many false positives.

Greg
--
See complete headers for address and phone numbers

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
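
Added example, not part of the original message: a small Python parser for the Postfix session transcripts quoted above. It extracts the envelope and the reverse-DNS rejection from each session. The field names and the HELO-versus-sender comparison are assumptions of this sketch, not checks performed by Postfix or SpamAssassin.

```python
import re
# Abridged from the two transcripts in the message above (Postfix "In:/Out:" format).
SESSION_1 = """\
 In:  EHLO mydomain.com
 In:  MAIL FROM:<webmaster@hotmail.com>
 In:  RCPT TO:<majordomo@lemis.com>
 Out: 450 Client host rejected: cannot find your hostname, [202.73.166.164]
"""
SESSION_2 = """\
 In:  EHLO localhost.localdomain
 In:  MAIL From:<uis@daum.net> SIZE=13237 BODY=8BITMIME
 In:  RCPT To:<grog@lemis.com>
 Out: 450 Client host rejected: cannot find your hostname, [61.37.27.30]
"""
LINE = re.compile(r"^\s*(In|Out):\s+(.*)$")
ADDR = re.compile(r"<([^>]*)>")
NO_RDNS = re.compile(r"^(\d{3}) Client host rejected: cannot find your hostname, \[([^\]]+)\]")

def parse_session(text):
    """Pull the envelope and the reverse-DNS rejection out of one transcript."""
    s = {"helo": None, "sender": None, "rcpts": [], "code": None, "no_rdns_ip": None}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        direction, body = m.groups()
        verb, addr = body.upper(), ADDR.search(body)
        if direction == "Out":
            if r := NO_RDNS.match(body):
                s["code"], s["no_rdns_ip"] = int(r.group(1)), r.group(2)
        elif verb.startswith(("EHLO ", "HELO ")):
            s["helo"] = body.split(None, 1)[1].lower()
        elif verb.startswith("MAIL FROM:") and addr:
            s["sender"] = addr.group(1).lower()
        elif verb.startswith("RCPT TO:") and addr:
            s["rcpts"].append(addr.group(1).lower())
    return s

def findings(s):
    """Heuristic flags (assumptions of this example, not Postfix or SpamAssassin checks)."""
    out = []
    if s["no_rdns_ip"]:
        out.append(f"no reverse DNS for {s['no_rdns_ip']} (SMTP {s['code']})")
    domain = s["sender"].rpartition("@")[2] if s["sender"] else ""
    if s["helo"] and domain and s["helo"] != domain and not s["helo"].endswith("." + domain):
        out.append(f"HELO {s['helo']} unrelated to sender domain {domain}")
    return out

if __name__ == "__main__":
    print([findings(parse_session(t)) for t in (SESSION_1, SESSION_2)])
```

A HELO name that differs from the envelope sender's domain is only a weak signal on its own, since legitimate relays often differ too; it is most useful combined with the missing reverse DNS.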



