Autor: Alan J. Flavell Data: A: Exim users list Assumpte: Re: [Exim] AOL - SPF - and EXIM
On Thu, 10 Jun 2004, Suresh Ramasubramanian wrote:
> Steven Lobbezoo wrote:
> > As matter of principle: I would never do anything AOL requests.
>
> There is a lot more clue there than you think
Well, they're still accepting far too many fake emails that
counterfeited sender addresses in our domain - and then, they have
second thoughts and send rejection bounces to us. We catch the
bounces before they pester our users, but they're a pain in the
wotsits for the postmasters.
The key clue, in most cases, is that the counterfeiters presented HELO
domains that either say aol.com, or else they contain one of our
domains, despite the fact that the calling IP indicates that their
presented HELO domain has no relation whatever to either AOL nor us.
Looking at the evidence that AOL present to us in their report, it's
perfectly obvious - by eye - that the original mails were fakes. But
it's hard to devise a regex that will keep this rubbish out. But it's
fairly clear that AOL would have no difficulty recognising the
situation themselved -before- it's too late, and refusing to accept
this garbage n the first place. By the time it reaches us, it's so
much harder to recognise it automatically, although on postmaster
inspection it's only too obvious that it's yet another piece of AOL
collateral spam.
We *know* only too well that the spammers are continually faking our
users as senders - of spam and of viruses - we really don't need the
hundreds of bogus rejections per day to remind us of that, and we're
refusing the majority of them automatically. But AOL are still making
a nuisance of themselves.