From owner-freebsd-questions@freebsd.org  Sun Mar 31 06:12:35 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5A22E154EF89
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Sun, 31 Mar 2019 06:12:35 +0000 (UTC)
 (envelope-from freebsd@edvax.de)
Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.75])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "mout.kundenserver.de",
 Issuer "TeleSec ServerPass DE-2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id E47386B82F
 for <freebsd-questions@freebsd.org>; Sun, 31 Mar 2019 06:12:33 +0000 (UTC)
 (envelope-from freebsd@edvax.de)
Received: from r56.edvax.de ([92.193.229.77]) by mrelayeu.kundenserver.de
 (mreue106 [212.227.15.183]) with ESMTPA (Nemesis) id
 1MulZl-1gtlvv3fDH-00rlMJ; Sun, 31 Mar 2019 08:12:25 +0200
Date: Sun, 31 Mar 2019 08:12:24 +0200
From: Polytropon <freebsd@edvax.de>
To: RW <rwmaillists@googlemail.com>
Cc: RW via freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: Why is Sendmail still around?
Message-Id: <20190331081224.f6e4cf61.freebsd@edvax.de>
In-Reply-To: <20190330145410.17cfd72d@gumby.homeunix.com>
References: <4101a1092141b58e05ef7552278b15ff@kathe.in>
 <b6024975-31b1-e08b-46ee-e18597ada469@netfence.it>
 <b13d35f7472591ebd90c02d100b9ce80@kathe.in>
 <20190329121212.1f12fed7.freebsd@edvax.de>
 <20190329140110.3c7102ef876f3a1e58ea467b@sohara.org>
 <20190330034114.54ae2511.freebsd@edvax.de>
 <20190330145410.17cfd72d@gumby.homeunix.com>
Reply-To: Polytropon <freebsd@edvax.de>
Organization: EDVAX
X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K1:G6LRmQvKMjzATmYhv/9EL543JLmk7JRZkkwAi7aK2nGP92oA8MG
 MgCbXcPoCum/dkuUEPAe+Ax/tuEfAL0b0b951VgOuOlaCctF2VRuj41xaPUS5UobtdoBkQk
 BsOOJBzswUVn1nlpUV9Li5kekPRiUz4LXTuW5YybTrNj/QUGMV2a5knCXtIXCbPyEj7uaxC
 94AwHOotHGuvuoGA49HWg==
X-Spam-Flag: NO
X-UI-Out-Filterresults: notjunk:1;V03:K0:ZmkEcWI3+jY=:fOFLf/IU6dpAi/V5QhDBC3
 uiNmBSWUtXLy2V/He517KQ8lYlhIXV7fuXYSOWOG/eu2VqJkGGAvxcWGg6rM4ux/iJGopYw7T
 KtXelA/aC9O5PBWDmyHMSDsHVKyE6Q8tgjBNrN4EfEHcaXbD00NjM/Jg5VpqzmCI5nQ7gSXBJ
 8GV1sltJh5/BqCpl7nHCn9kwQxhjJ7f5v1w7b3ItvQAx1wznj5D0nD6APlUdyW+geTiMjAnT9
 r7zsNu6z1l490j+qrSvgw+OWpxc2Dela6ampQWu8vao3M4naqveaGARPPN/lLw24FubzzvAXt
 S6/TN6Yj+g12N4IlkjnMk/bQRYWIMaEifaxsP5Bx2K40K9m8gxmndezJGDqKoKwOn2qab2r9E
 sUDNpEVd62SmPBVTR461s4rcEbAn663Z3OCLuy7Jnswh0P4TBI5GMxgYLUhqt9/2EnZrVhaqP
 Q+mWonMIadbFoCCOEw9PznuZNgbAgrC7Uv50DcEG5fdOLZflMSn5SR9Y7tog744ceDlkKL+kV
 r4xs73ppoyp74htrTM+uyUgM9GsntjKdIw0kUIg5+e2a4qiZvTqacbjrrz7akqTTKh3f0zP4R
 RoZ1wIPcx49rbhOseVpvNBMGGg0zRaExPyEx1QaQE8zpV7PDOCtn/MRgBUwajs4QqSXf8Hx1V
 ALDEDI5n2jSDg1V6bcYs0BkhCFL/1F2N9NYSU1XRPYvMUsxa9QvfyQyywUN59tKOxwp3pTpf5
 qdlfYZGGkLzy29uo5vXimbSlllgKzpZDAQH+cPzYMkNMD7/qLswB77Ct5Fw=
X-Rspamd-Queue-Id: E47386B82F
X-Spamd-Bar: ++++++
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [6.39 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 HAS_REPLYTO(0.00)[freebsd@edvax.de]; MV_CASE(0.50)[];
 HAS_ORG_HEADER(0.00)[]; TO_DN_ALL(0.00)[];
 MX_GOOD(-0.01)[mx01.schlund.de,mx00.schlund.de];
 RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[googlemail.com];
 RECEIVED_SPAMHAUS_PBL(0.00)[77.229.193.92.zen.spamhaus.org : 127.0.0.10];
 RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[];
 ASN(0.00)[asn:8560, ipnet:217.72.192.0/20, country:DE];
 SUBJECT_ENDS_QUESTION(1.00)[]; FROM_EQ_ENVFROM(0.00)[];
 ARC_NA(0.00)[]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[];
 NEURAL_SPAM_SHORT(0.95)[0.948,0]; MIME_GOOD(-0.10)[text/plain];
 MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[edvax.de];
 AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.71)[0.715,0];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(1.00)[0.999,0];
 MID_CONTAINS_FROM(1.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[75.192.72.217.list.dnswl.org : 127.0.5.0];
 R_SPF_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2];
 IP_SCORE(0.34)[ipnet: 217.72.192.0/20(0.10), asn: 8560(1.58),
 country: DE(-0.01)]
X-Spam: Yes
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Mar 2019 06:12:35 -0000

On Sat, 30 Mar 2019 14:54:10 +0000, RW via freebsd-questions wrote:
> On Sat, 30 Mar 2019 03:41:14 +0100
> Polytropon wrote:
> 
> > On Fri, 29 Mar 2019 14:01:10 +0000, Steve O'Hara-Smith wrote:
> 
> > > 	I wouldn't attempt to run an outgoing mail server doing
> > > direct MX lookup and delivery these days they anti-spam measures
> > > are a nightmare. OTOH reliable delivery relays are not that common
> > > either.  
> > 
> > Yes, it's not as easy anymore... You have to fight "we know better
> > than you!" providers who consider every IP from a dynamic range
> > a spammer,
> 
> They pretty much have to. Most spam is caught by simple DNS based
> tests which rely on assuming that no dynamic IP addresses sends direct
> to MX. In particular most blocklists can't distinguish between a spam
> source and a dynamic address, because an infected machine can cause 
> hundreds of dynamic addresses to be listed.  

Don't get me wrong - I fully understand that problem. But the
attitude of mail operators who seem to consider every provider
except themselves a spammer who has to "prove his worth" is
annoying. Pwned "Windows" PCs that send tons of spam from their
dynamic IP ranges tend to "pollute" whole subnets, so if you
accidentally happen to be in the same range (belonging to the
same provider or not), whatever you send is considered spam.
You can ask to whitelist your IP, but you'll have to do this
with almost every mail provider you want to contact, and as
soon as you get a new dynamic IP, rinse repeat.

Having access to a static IP often helps, but still some of
the problems will stay...



> These days spammers put a
> lot of effort into compromising vulnerable servers, sometimes this
> allows their spam to pass SPF, DKIM and even DMARC.

Exactly thos emechanisms, intended to _prevent_ spam, can be
used by spammers, so mail providers will happily accept their
spam because the sender has successfully "proven his worth".
If I remember correctly, more than 90% of today's messages
transmitted across the Internet is spam, and of course spammers
are interested in getting the "big guns" (corporate-class
servers), but having access to a distributed network of pwned
"Windows" home PCs is still useful for their purposes.



> In some cases a home server with an MTA configured to use a  smarthost
> can be a gift to a spammer if it's compromised.

Definitely. That's why securing the server properly and _not_
exposing a public open relay is very important. Due to my
impressions and experience, I'd say the common UNIX guy is
better at this as any HPC lurking in corporate IT. ;-)



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...