Skip site navigation (1)Skip section navigation (2)
Date:      09 Mar 2002 17:37:01 -0800
From:      swear@blarg.net (Gary W. Swearingen)
To:        Greg Lehey <grog@FreeBSD.ORG>
Cc:        Brett Glass <brett@lariat.org>, "Gary W. Swearingen" <swear@blarg.net>, chat@FreeBSD.ORG
Subject:   Re: Rejecting spam, accepting valid mail (was: Mail blocked)
Message-ID:  <d1lmd1dwzm.md1@localhost.localdomain>
In-Reply-To: <20020308190102.B679@sydney.worldwide.lemis.com>
References:  <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020306234510.01ee0180@nospam.lariat.org> <4.3.2.7.2.20020307094130.01f59240@nospam.lariat.org> <3cg03ccef4.03c@localhost.localdomain> <4.3.2.7.2.20020307221616.00cb9980@nospam.lariat.org> <20020308190102.B679@sydney.worldwide.lemis.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Greg Lehey <grog@FreeBSD.ORG> writes:

> On Thursday,  7 March 2002 at 22:19:55 -0700, Brett Glass wrote:
> >
> > You escaped the filter by sheer luck. I just found out that the rule
> > they're using is
> >
> > /^Message-Id:.*@localhost>$/                    REJECT
> >
> > Your IDs say "localhost.localdomain", not just "localhost", so they
> > slip through.
> 
> The correct solution to this one is to fix the rule, not continue
> using invalid hostnames.

It isn't an invalid hostname, it's an invalid message ID and, AFAIK,
it's only invalid to a very few who choose to interpret a part of it
as a host name.  It's a de-facto standard that Message ID content
doesn't matter; if some RFC proposes that it should matter, I guess we
can only whine that the change of policy is a big bother and choose when
or whether to comply.

> I use a number of techniques to reject spam.  It's fairly clear that
> an invalid server name can be construed in a number of ways:
> 
> 1.  An attempt to defraud:
> 
>     In:  EHLO localhost.localdomain
>     Out: 250-wantadilla.lemis.com
>     Out: 250-PIPELINING
>     Out: 250-SIZE 10240000
>     Out: 250-ETRN
>     Out: 250 8BITMIME
>     In:  MAIL From:<grados_julio@hotmail.com> SIZE=1790
>     Out: 250 Ok
>     In:  RCPT To:<yvonne@lemis.com>
>     Out: 450 Client host rejected: cannot find your hostname, [211.23.186.108]
> 
>     This one is clearly spam.

If "clearly" means "very likely", then yes.  Few would blame you for not
worrying about the other, more unlikely cases.

I assume that the above is not a personal accusation, but allow me to
warn about the easily misused word "defraud", given that libel juries
can more accurately judge the inference than the implication.

  defraud, tr.v., To take from or deprive of by fraud; to swindle.

Or see http://www.dictionary.com/search?q=defraud

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d1lmd1dwzm.md1>