Date: Sat, 21 Mar 2009 08:32:29 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: freebsd-chat@freebsd.org, kdk@daleco.biz Subject: Re: spamassassin helps lots, but I'm tired of sorting the backscatter ; -) Message-ID: <49C4A61D.1050102@infracaninophile.co.uk> In-Reply-To: <200903202240.n2KMe1Re007705@lurza.secnetix.de> References: <200903202240.n2KMe1Re007705@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigCEFEBFA459F523D2199704F4 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Oliver Fromme wrote: > Kevin Kinsey wrote: > > Anybody got a good way to send an automagic Ping'o'death > > to a spammer's computer? Maybe there's a "kick butt" > > plugin for AmavisD? >=20 > Note that, in most cases, it is very difficult to identify > the real source of the spammer. The "From" header line > and the envelope sender address usually do not point to > the spammer. Trying to shoot back to those is a very bad > idea. >=20 > The only reasonable thing you can do with spam is drop it > to /dev/null. If it makes you feel better, you can create > a symlink /dev/painful_death -> /dev/null and instruct > your mail filter to drop spam there instead. Not so. The best thing you can do about spam is refuse to accept it during the SMTP dialogue stage. This has two beneficial effects. * It allows you to visibly reject the spam without causing backscatter * It may well result in bounce-o-grammes being sent to the admins of compromised systems. (Not always -- but I've seen a trend for some botnet zombies to send outgoing spam via their usual mail relays rather than directly) The second best thing you can do is take your own sweet time over processing incoming spam messages. Contrary to all appearances, there are still more people targeted by spam than there are spam sources. Spammers get paid for pumping out millions of messages. Any simple way there is of slowing down that traffic will lower their income or raise their marginal costs and it won't take too much to put at least a few of them out of business. Tarpitting or teergrube does that and can tie up a dozen or more spam senders at a time without killing the performance of your own mail systems. For the latter task, I can most heartily recommend obspamd (net/spamd spamd(8) -- not to be confused with the spamd(1) program which is part of spamassassin. My only complaint is that it does not understand IPv6) Cheers Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enigCEFEBFA459F523D2199704F4 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAknEpiYACgkQ8Mjk52CukIzTRACfc17Rw6Rq9sA3EUGK3kj01wwp BVIAn0x7I0wXfK3mSo3nxo/+ajgS6Gei =gt1J -----END PGP SIGNATURE----- --------------enigCEFEBFA459F523D2199704F4--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49C4A61D.1050102>