Re: [Exim] RBL protection

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Greg Ward
Date:  
À: 'exim-users@exim.org'
Sujet: Re: [Exim] RBL protection
On 13 March 2002, Raphael Berghmans said:
> Since two weeks somebodies send to an 'non-existent user@??? or
> @hotmail.com' with as FROM address a non-existent user@ourdomain. And we
> receive a bounce for non-existent user, this bounce is fozen because the
> destination doesn't exist.


AFAIK, there is no technical defense against address forging. About
your only recourse is to sue the spammer. More realistic is to complain
to their ISP, which you should be able to track down if you have full
headers of their spam.

> But, in the body of the bounce, there is the full header of the original
> mail. And this orignial mail has been sent via an openrelay server !! Then by
> checking the complete message, the first mailserver (know as openrelay) could
> be checked and the mail will be rejected or even dropped!


Your logic, if I understand it, is flawed. First of all, it's the sites
*receiving* the spam -- eg. yahoo, hotmail -- who would have to reject
the spam in order to relieve you of this headache. Second, rejecting
mail from open relays *will* reject legitimate email; if you can live
with that, fine. But under no circumstances imaginable should you even
consider *dropping* mail just because it came from an open relay!

        Greg
--
Greg Ward - software developer                gward@???
MEMS Exchange                            http://www.mems-exchange.org