Date: Fri, 8 Mar 2002 19:01:02 +1030
From: Greg Lehey <grog@FreeBSD.ORG>
To: Brett Glass <brett@lariat.org>
Cc: "Gary W. Swearingen" <swear@blarg.net>, chat@FreeBSD.ORG
Subject: Rejecting spam, accepting valid mail (was: Mail blocked)
Message-ID: <20020308190102.B679@sydney.worldwide.lemis.com>
In-Reply-To: <4.3.2.7.2.20020307221616.00cb9980@nospam.lariat.org>; from brett@lariat.org on Thu, Mar 07, 2002 at 10:19:55PM -0700
References: <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <3cg03ccef4.03c@localhost.localdomain> <4.3.2.7.2.20020307221616.00cb9980@nospam.lariat.org>

On Thursday, 7 March 2002 at 22:19:55 -0700, Brett Glass wrote:
> At 01:26 PM 3/7/2002, Gary W. Swearingen wrote:
>
>> Are you sure? I've posted to other freebsd MLs with that kind of ID.
>> If you're reading this, I think you'll find "localhost." in the ID.
>
> You escaped the filter by sheer luck. I just found out that the rule
> they're using is
>
> /^Message-Id:.*@localhost>$/ REJECT
>
> Your IDs say "localhost.localdomain", not just "localhost", so they
> slip through.

The correct solution to this one is to fix the rule, not continue
using invalid hostnames.

I use a number of techniques to reject spam. It's fairly clear that
an invalid server name can be construed in a number of ways:

1.  An attempt to defraud:

      In:  EHLO localhost.localdomain
      Out: 250-wantadilla.lemis.com
      Out: 250-PIPELINING
      Out: 250-SIZE 10240000
      Out: 250-ETRN
      Out: 250 8BITMIME
      In:  MAIL From:<grados_julio@hotmail.com> SIZE=1790
      Out: 250 Ok
      In:  RCPT To:<yvonne@lemis.com>
      Out: 450 Client host rejected: cannot find your hostname, [211.23.186.108]

    This one is clearly spam.

2.  A complete incompetence:

      In:  EHLO husqvarna.amazon.com
      Out: 250-wantadilla.lemis.com
      Out: 250-PIPELINING
      Out: 250-SIZE 10240000
      Out: 250-ETRN
      Out: 250 8BITMIME
      In:  MAIL FROM:<> SIZE=2039
      Out: 250 Ok
      In:  RCPT TO:<grog@lemis.com>
      Out: 450 Client host rejected: cannot find your hostname, [207.171.187.128]

    I'm currently offline, so I don't know if this is amazon or not.
    But if it is, the system administrators need to be taken out and
    shot.

3.  Problems like the ones you describe (NAT, etc.).

    That's more of a problem. I'm sure that localhost and
    localhost.localdomain are always wrong names. But if you're
    really not on the global Internet, you should probably have a mail
    server which is, which is correctly configured, and which is
    prepared to accept your mail. Is there any objection to this?

Greg
--
See complete headers for address and phone numbers
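
The quoted Message-Id rule and the "fix the rule" point above, as an added example that is not part of the original message or the list's configuration: it runs the quoted pattern and a broadened one over sample headers to show which IDs each rejects. Assumptions: the `BROADENED` pattern, the simplified header unfolding, and the `PASS` label are this example's own; two of the sample Message-IDs are taken from the headers of this message, the rest are constructed.

```python
import re

# Rule quoted in the thread. Postfix regexp tables match case-insensitively
# by default, so IGNORECASE mirrors that here.
ORIGINAL = re.compile(r"^Message-Id:.*@localhost>$", re.IGNORECASE)
# Hypothetical broadened rule (this example's assumption, not the list's fix).
BROADENED = re.compile(r"^Message-Id:.*@localhost(\.localdomain)?>$", re.IGNORECASE)

def logical_headers(raw):
    """Yield unfolded header lines (simplified unfolding, an assumption)."""
    current = None
    for line in raw.splitlines():
        if not line:                      # blank line ends the header section
            break
        if line[0] in " \t" and current is not None:
            current += " " + line.strip() # continuation of a folded header
        else:
            if current is not None:
                yield current
            current = line.rstrip()
    if current is not None:
        yield current

def verdict(raw, rule):
    """REJECT if any logical header matches the rule, else PASS (example label)."""
    return "REJECT" if any(rule.search(h) for h in logical_headers(raw)) else "PASS"

# Sample messages. The second and third IDs appear in this message's headers;
# the others are constructed for the example.
SAMPLES = {
    "bare localhost": "From: a@example.org\nMessage-Id: <1234.abcd@localhost>\n\nbody\n",
    "localhost.localdomain": "Message-ID: <3cg03ccef4.03c@localhost.localdomain>\n\nbody\n",
    "real host": "Message-ID: <20020308190102.B679@sydney.worldwide.lemis.com>\n\nbody\n",
    "folded header": "Message-Id:\n <1234.abcd@localhost.localdomain>\n\nbody\n",
    "lookalike domain": "Message-Id: <1234.abcd@localhost.example.org>\n\nbody\n",
}

def compare():
    """Return {sample name: (verdict under ORIGINAL, verdict under BROADENED)}."""
    return {name: (verdict(raw, ORIGINAL), verdict(raw, BROADENED))
            for name, raw in SAMPLES.items()}

if __name__ == "__main__":
    for name, (old, new) in compare().items():
        print(f"{name:24} original={old:7} broadened={new}")
```

The lookalike-domain sample checks that the broadened pattern stays anchored on `>` and does not start rejecting real domains that merely begin with "localhost.".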
