Date: Wed, 19 Nov 1997 18:35:53 -0500 From: Louis Theran <louis@opengroup.org> To: Sean Eric Fagan <sef@kithrup.com> Cc: hackers@freebsd.org Subject: Re: Mail spam, sigh... Message-ID: <199711192335.SAA24946@postman.opengroup.org> In-Reply-To: Message from Sean Eric Fagan <sef@kithrup.com> <199711192028.MAA14215@kithrup.com> .
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "sef" == Sean Eric Fagan <sef@kithrup.com> writes: sef> Along this vein... I'd like to suggest adding the RBL support sef> to the default sendmail file (freebsd.mc). This way, all sef> FreeBSD systems would, by default, drop SMTP connections from sef> the sites on the blacklist. I don't think that this is a very good idea. For most sites the RBL is way too restrictive in what it blackholes. I have played around with it a bit using qmail, and I noticed that ISPs like erols and concentric were making it into the RBL. Both of those have pretty good anti-spam AUPs, but more importantly they are both big enough that you will start bouncing a lot of mail from legitimate users, which is really not acceptable in most places. I think that the RBL gets too many false positives to be useful for most people, unfortunately. sef> I'd also like to add the anti-relay code to the file, but sef> that's a bit trickier, I'm afraid (too easy to get wrong and sef> screw things up). I'm all for this, but as you say, it is easy to screw up with sendmail, and there is also no one solution to this problem that works everywhere. Why not just ship the system with sendmail's SMTP daemon turned off? All that is required is a simple change of "YES" to "NO" in rc.conf. Anybody who needs it turned on should be smart enough to know what other things they have to do in terms of their sendmail.cf file to prevent their host from being hijacked by a spammer, etc. Empirical evidence would suggest that this assertion is incorrect, as there doesn't seem to be a shortage of open sendmail relays on the net, but anything that makes admins think before they enable relaying is probably a good thing. Personally I am waiting for Eric Allman to do the responsible thing and disable relaying in the official sendmail distribution. Something that I think that could be done pretty easily, though, would be to disable the various address forms that nobody really needs any more, such as the percent hack and the multiple '@' hack. Can anybody think of a reason why we need these by default in 1997? ^Louis
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711192335.SAA24946>