From owner-freebsd-chat Sat Mar 9 17:33:42 2002 Delivered-To: freebsd-chat@freebsd.org Received: from lists.blarg.net (lists.blarg.net [206.124.128.17]) by hub.freebsd.org (Postfix) with ESMTP id 86A8E37B400; Sat, 9 Mar 2002 17:33:38 -0800 (PST) Received: from thig.blarg.net (thig.blarg.net [206.124.128.18]) by lists.blarg.net (Postfix) with ESMTP id 38C22BD4F; Sat, 9 Mar 2002 17:33:38 -0800 (PST) Received: from localhost.localdomain ([206.124.139.115]) by thig.blarg.net (8.9.3/8.9.3) with ESMTP id RAA23695; Sat, 9 Mar 2002 17:33:37 -0800 Received: (from jojo@localhost) by localhost.localdomain (8.11.6/8.11.3) id g2A1b2A04106; Sat, 9 Mar 2002 17:37:02 -0800 (PST) (envelope-from swear@blarg.net) To: Greg Lehey Cc: Brett Glass , "Gary W. Swearingen" , chat@FreeBSD.ORG Subject: Re: Rejecting spam, accepting valid mail (was: Mail blocked) References: <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <3cg03ccef4.03c@localhost.localdomain> <4.3.2.7.2.20020307221616.00cb9980@nospam.lariat.org> <20020308190102.B679@sydney.worldwide.lemis.com> From: swear@blarg.net (Gary W. Swearingen) Date: 09 Mar 2002 17:37:01 -0800 In-Reply-To: <20020308190102.B679@sydney.worldwide.lemis.com> Message-ID: Lines: 50 User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.1 (Cuyahoga Valley) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Greg Lehey writes: > On Thursday, 7 March 2002 at 22:19:55 -0700, Brett Glass wrote: > > > > You escaped the filter by sheer luck. I just found out that the rule > > they're using is > > > > /^Message-Id:.*@localhost>$/ REJECT > > > > Your IDs say "localhost.localdomain", not just "localhost", so they > > slip through. > > The correct solution to this one is to fix the rule, not continue > using invalid hostnames. It isn't an invalid hostname, it's an invalid message ID and, AFAIK, it's only invalid to a very few who choose to interpret a part of it as a host name. It's a de-facto standard that Message ID content doesn't matter; if some RFC proposes that it should matter, I guess we can only whine that the change of policy is a big bother and choose when or whether to comply. > I use a number of techniques to reject spam. It's fairly clear that > an invalid server name can be construed in a number of ways: > > 1. An attempt to defraud: > > In: EHLO localhost.localdomain > Out: 250-wantadilla.lemis.com > Out: 250-PIPELINING > Out: 250-SIZE 10240000 > Out: 250-ETRN > Out: 250 8BITMIME > In: MAIL From: SIZE=1790 > Out: 250 Ok > In: RCPT To: > Out: 450 Client host rejected: cannot find your hostname, [211.23.186.108] > > This one is clearly spam. If "clearly" means "very likely", then yes. Few would blame you for not worrying about the other, more unlikely cases. I assume that the above is not a personal accusation, but allow me to warn about the easily misused word "defraud", given that libel juries can more accurately judge the inference than the implication. defraud, tr.v., To take from or deprive of by fraud; to swindle. Or see http://www.dictionary.com/search?q=defraud To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message