Date: 09 Mar 2002 17:37:01 -0800 From: swear@blarg.net (Gary W. Swearingen) To: Greg Lehey <grog@FreeBSD.ORG> Cc: Brett Glass <brett@lariat.org>, "Gary W. Swearingen" <swear@blarg.net>, chat@FreeBSD.ORG Subject: Re: Rejecting spam, accepting valid mail (was: Mail blocked) Message-ID: <d1lmd1dwzm.md1@localhost.localdomain> In-Reply-To: <20020308190102.B679@sydney.worldwide.lemis.com> References: <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <3cg03ccef4.03c@localhost.localdomain> <4.3.2.7.2.20020307221616.00cb9980@nospam.lariat.org> <20020308190102.B679@sydney.worldwide.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Greg Lehey <grog@FreeBSD.ORG> writes: > On Thursday, 7 March 2002 at 22:19:55 -0700, Brett Glass wrote: > > > > You escaped the filter by sheer luck. I just found out that the rule > > they're using is > > > > /^Message-Id:.*@localhost>$/ REJECT > > > > Your IDs say "localhost.localdomain", not just "localhost", so they > > slip through. > > The correct solution to this one is to fix the rule, not continue > using invalid hostnames. It isn't an invalid hostname, it's an invalid message ID and, AFAIK, it's only invalid to a very few who choose to interpret a part of it as a host name. It's a de-facto standard that Message ID content doesn't matter; if some RFC proposes that it should matter, I guess we can only whine that the change of policy is a big bother and choose when or whether to comply. > I use a number of techniques to reject spam. It's fairly clear that > an invalid server name can be construed in a number of ways: > > 1. An attempt to defraud: > > In: EHLO localhost.localdomain > Out: 250-wantadilla.lemis.com > Out: 250-PIPELINING > Out: 250-SIZE 10240000 > Out: 250-ETRN > Out: 250 8BITMIME > In: MAIL From:<grados_julio@hotmail.com> SIZE=1790 > Out: 250 Ok > In: RCPT To:<yvonne@lemis.com> > Out: 450 Client host rejected: cannot find your hostname, [211.23.186.108] > > This one is clearly spam. If "clearly" means "very likely", then yes. Few would blame you for not worrying about the other, more unlikely cases. I assume that the above is not a personal accusation, but allow me to warn about the easily misused word "defraud", given that libel juries can more accurately judge the inference than the implication. defraud, tr.v., To take from or deprive of by fraud; to swindle. Or see http://www.dictionary.com/search?q=defraud To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d1lmd1dwzm.md1>