Date: Mon, 5 May 2003 12:23:10 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: <Scheidell@secnap.com>
Cc: freebsd-stable@freebsd.org
Subject: Re: RE: blackmail attempt? Stable mailing list block?
Message-ID: <200305051923.h45JNARn078543@apollo.backplane.com>
References: <B3BCAF4246A8A84983A80DAB50FE72420724A2@secnap2.secnap.com>
I'm going to put a plug in for the relays.ordb.org DNSBL. It's a fairly conservative volunteer dnsbl that verifies and blocks open relays in an automated fashion. I run one of their U.S. nameservers.

I consider DNSBLs only one line of defense. I have a number of mechanisms in my own mail system which detect suspect connections through the libmilter interface and track and return 4xx codes for a period of time to 'delay' (rather than reject) suspect email for a few hours. I can't really do anything drastic because I run the email and domains for several dozen people and some of them get all sorts of weirdly sourced, legitimate international correspondence.

Even so, three or four out of the 30-40 spams that attempt delivery to my personal email address every day get through. I am still hesitating on implementing the final solution, which would be a mail-back verification system, but if spam continues to worsen over this year I'll probably wind up implementing it.

There are plenty of things that people can do to mitigate spam. For one thing, never publish your email address in user@domain form on your web pages. Instead publish it as 'user at domain' or something like that. That one change will probably get rid of a significant percentage of the spam you get. I've started doing it on my web pages and I'll probably do it for my email signature as well since those are archived and available on the web as well.

Another interesting and cool solution, one which I might implement for myself, is to create 'temporary return addresses' for your email and/or published web pages which are only valid for a short period of time.

-Matt
Matthew Dillon <dillon@backplane.com>

:
:We don't use 'monkies.org' because they refuse to take fixed computers out. we send an email to spews and dk10? telling them that they MISSED one of our netblocks and please add it since we didn't want to send any email to anyone stupid enough to use either list. (they added it, which proved my point.. they violated their stated listing policies!)
:
:here is what I use (in postfix)
:we don't do any business out of the us, so screwem.
:...
:
:--
:Michael S. Scheidell, CEO
:SECNAP Network Security www.secnap.com
:scheidell@secnap.net / 1+561.368.9561, 1131
:Sales: 866-SECNAPNET / 866.732.6276
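
One way the 'temporary return addresses' idea from the message above could work, as an added example that is not part of the original e-mail or anyone's mail system: the address carries its own expiry time plus an HMAC tag, so the server can check it at RCPT time without storing state. The plus-address layout, the secret, the function names and example.org are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import time

# Assumption: a per-site secret held only by the mail server (constructed value).
SECRET = b"constructed-demo-secret"
TAG_BYTES = 8  # truncated HMAC-SHA256 tag keeps the local part short


def _tag(user, domain, expiry):
    """Tag binding the mailbox and its expiry time to the server secret."""
    msg = f"{user.lower()}@{domain.lower()}|{expiry}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()[:TAG_BYTES]
    return base64.b32encode(digest).decode().rstrip("=").lower()


def make_temp_address(user, domain, lifetime_s, now=None):
    """Return user+<hex expiry>.<tag>@domain, valid until now + lifetime_s."""
    now = int(time.time()) if now is None else int(now)
    expiry = now + lifetime_s
    return f"{user}+{expiry:x}.{_tag(user, domain, expiry)}@{domain}"


def check_recipient(rcpt, now=None):
    """Classify a recipient address as 'accept', 'expired' or 'invalid'."""
    now = int(time.time()) if now is None else int(now)
    local, at, domain = rcpt.rpartition("@")
    user, plus, ext = local.partition("+")
    expiry_hex, dot, tag = ext.partition(".")
    if not (at and plus and dot and user):
        return "invalid"  # not in temporary-address form at all
    try:
        expiry = int(expiry_hex, 16)
    except ValueError:
        return "invalid"
    expected = _tag(user, domain, expiry).encode()
    # Constant-time compare: a changed expiry or guessed tag must not verify.
    if not hmac.compare_digest(tag.lower().encode(), expected):
        return "invalid"
    return "accept" if now <= expiry else "expired"
```

A milter or policy hook could map 'expired' and 'invalid' to a 5xx reply at RCPT time, so a harvested address stops working once its lifetime has passed.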