From owner-freebsd-questions@freebsd.org Sat Mar 30 14:54:17 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E3C4515538B3 for ; Sat, 30 Mar 2019 14:54:16 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6115D8B1F7 for ; Sat, 30 Mar 2019 14:54:15 +0000 (UTC) (envelope-from rwmaillists@googlemail.com) Received: by mail-wr1-x42c.google.com with SMTP id g3so6124086wrx.9 for ; Sat, 30 Mar 2019 07:54:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=EG01O1FcJ84vK8Vf1Ihw/xceDFlkaj+WvagW79DOoiI=; b=D1kwtdtKAnr4mrb654uIBoqmroHjO2iWmEkUtuBh4yZQxuBV0qsTg2ADhsQiLPyCYl quPIfI9jmN8lkx86fd/V3J3XysGMYI6fGxubx6S6h3SUvr5BcSunQAGaJfReZJyXs1Bd fznbO0PhpdsfQkuYibKQKgziUGUvPhS+nB15XFVJGnhnlsGBVvzxEej757NakTJnXIPD /DFYy2jb9FBpOBLZTDygIBMrBS6e3w7a/nDwd8M+jhWQVRflyUVBc1U2ddYyven32+ae zMs4TlleQl/gnd/BQTIEGW4zD3t0TeCn/lmYgFw4n3aq4K74hse2LzP/T0TXJb9lSVax UjBA== X-Gm-Message-State: APjAAAVGkIdLA6ElxqahTf9eybNv08YOkUpoEwsmRk6prmu81Jt8yxCJ DdWdoV9bFUSCH/bDjmUxgycfeaE0brM= X-Google-Smtp-Source: APXvYqxB6HrGZ3gx1PZQPI0otYDqsq4totrqBgPJHsTJiLwE/lsL51S8ucTD0bzL5VBC8M+nAg71qQ== X-Received: by 2002:adf:f7cc:: with SMTP id a12mr11923534wrq.87.1553957653197; Sat, 30 Mar 2019 07:54:13 -0700 (PDT) Received: from gumby.homeunix.com ([90.195.212.226]) by smtp.gmail.com with ESMTPSA id b11sm5413121wru.61.2019.03.30.07.54.12 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sat, 30 Mar 2019 07:54:12 -0700 (PDT) Date: Sat, 30 Mar 2019 14:54:10 +0000 From: RW To: freebsd-questions@freebsd.org Subject: Re: Why is Sendmail still around? Message-ID: <20190330145410.17cfd72d@gumby.homeunix.com> In-Reply-To: <20190330034114.54ae2511.freebsd@edvax.de> References: <4101a1092141b58e05ef7552278b15ff@kathe.in> <20190329121212.1f12fed7.freebsd@edvax.de> <20190329140110.3c7102ef876f3a1e58ea467b@sohara.org> <20190330034114.54ae2511.freebsd@edvax.de> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 6115D8B1F7 X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.74 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[googlemail.com]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[googlemail.com:+]; DMARC_POLICY_ALLOW(-0.50)[googlemail.com,quarantine]; MX_GOOD(-0.01)[alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com,gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.96)[-0.960,0]; RECEIVED_SPAMHAUS_PBL(0.00)[226.212.195.90.zen.spamhaus.org : 127.0.0.10]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[googlemail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[googlemail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[googlemail.com:s=20161025]; RCVD_TLS_LAST(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_IN_DNSWL_NONE(0.00)[c.2.4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-2.77)[ip: (-9.28), ipnet: 2a00:1450::/32(-2.36), asn: 15169(-2.14), country: US(-0.07)] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2019 14:54:17 -0000 On Sat, 30 Mar 2019 03:41:14 +0100 Polytropon wrote: > On Fri, 29 Mar 2019 14:01:10 +0000, Steve O'Hara-Smith wrote: > > I wouldn't attempt to run an outgoing mail server doing > > direct MX lookup and delivery these days they anti-spam measures > > are a nightmare. OTOH reliable delivery relays are not that common > > either. > > Yes, it's not as easy anymore... You have to fight "we know better > than you!" providers who consider every IP from a dynamic range > a spammer, They pretty much have to. Most spam is caught by simple DNS based tests which rely on assuming that no dynamic IP addresses sends direct to MX. In particular most blocklists can't distinguish between a spam source and a dynamic address, because an infected machine can cause hundreds of dynamic addresses to be listed. There are some services, like Fastmail/Pobox, that don't block senders just because they are sending directly from a dynamic pool, but they aren't really doing anyone any favours because they still apply Spamhaus XBL. > even though their own ranges are full of compromized > "Windows" PCs that spam the world. This is less important than it used to be. These days spammers put a lot of effort into compromising vulnerable servers, sometimes this allows their spam to pass SPF, DKIM and even DMARC. In some cases a home server with an MTA configured to use a smarthost can be a gift to a spammer if it's compromised.