Re: [Exim] Opinions sought: Most effective spam reduction te…

Pàgina inicial
Delete this message
Reply to this message
Autor: Richard Clayton
Data:  
A: exim-users
Assumpte: Re: [Exim] Opinions sought: Most effective spam reduction techniques
In message <Pine.LNX.4.61.0408231146190.17087@???>,
Alan J. Flavell <a.flavell@???> writes

>On Mon, 23 Aug 2004, Richard Clayton wrote:
>
>> This is from a DLink DI-704P (a popular make of router, used to provide
>> home networking behind a cable modem or similar).
>
>[...]
>
>>     HELO        highwayman.com

>
>Looks good to me! If such boxes go berserk and start mailing to
>random addresses, we'll reject the mails out of hand for having a
>faked HELO. If you want to get mail from your specific box, all that
>you need to do is configure an exception in your target MTA.


You've rather missed the point I was making -- which is that some people
observe spam and viruses saying HELO your.domain instead of the
correct HELO my.own.remote.identity and use this as a heuristic to
reject email that they don't want.

As with all heuristics, you win some and you lose some. My email was to
point out that what you'd lose would include email from the DI-704P
population. However, as with all spam-fighting tactics, particular mail
administrators may or may not see that as being something to cry over.

As to getting an exception configured ... easy for you to say :) but
not for most end-users at the mercy of their mail admins hidden behind
several layers of "support".

>My hunch would be that they didn't plan it that way,


My hunch is that they looked at one logged email connection,
misunderstood what was happening and built their software accordingly.

The existence of multi-page standards describing correct behaviour will
come as a great shock to them. I've corresponded with other authors of
email software that was malfunctioning and had them concede my point and
then write back a few minutes later asking if might provide them with a
URL for RFC(2)822 ... so I'm not in the least surprised to find yet
more kit that has been programmed, wrongly, by example :(

>but it looks to
>me like a case of good results for the wrong reason.


The results are only good if the destination is not an intransigent
believer in magically effective heuristics :(

- -- 
richard @ highwayman . com                       "Nothing seems the same
                          Still you never see the change from day to day
                                And no-one notices the customs slip away"