Re: [exim] Anti Phishing Trick

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [exim] Anti Phishing Trick
On Wed, 24 Aug 2005, Fred Viles wrote:

> On 24 Aug 2005 at 20:19, Alan J. Flavell wrote about
>     "Re: [exim] Anti Phishing Trick":


| On the one hand, they forward spam to us which our anti-spam measures
| reject out of hand (causing them no doubt to send bounces to innocent
| third parties whose addresses have been counterfeited as senders of
| the spam).


> Indeed. Wow. I thought you were one of the Good Guys.


I understand what you're saying, but I would suggest that any such
bounces (collateral spam) are being generated on *their*
responsibility, not ours. If that's a problem for them, then there
are things that they can do about it.

For most of the sites (at least if not in Germany! - see next para)
then if their collateral spam causes problems, they should respond by
making a better effort not to accept the spam in the first place, no?

As for some German sites - which seem to take the view that their law
allows them to reject nothing - so they forward lots of spam, marked
with very evident warnings saying that they rated this as [SPAM] -
then presumably when we decline to accept it on the grounds that we,
too, rate it as spam, presumably they should know better than to
create collateral spam as a consequence. Or do they claim that their
law requires the creation of collateral spam, too?

> | I really do wish there was a nicer way to deal with forwarded spam,
> | but I'm simply not prepared to drop it silently into a black hole
>
> Then quarantine it, and review it manually.


I'm not sure that we can afford the resources to do that. We're
already spending too much effort reviewing dubious items, and trying
to automate as much of it as we can - even without the forwarded
stuff.

> This is no different than having a backup MX that has accepts mail
> your main MX would reject.


Well: I'd have to say there *is* a significant difference, in as much
as we have a close working relationship with our backup MX, and can
negotiate on rather even terms as to what we're each doing to tackle
spam, and to deal with any that gets through; but with these remote
institutes where our users maintain forwarding addresses, such
anti-spam measures as they use are set by their *own* policies, over
which we have - at best, only a tiny amount of influence - at worst,
none at all.

> IMHO there's no excuse for knowingly generating collateral spam.


I understand what you're getting at, but I'm afraid that, on this
particular issue, I reckon that's their responsibility, rather than
ours.

If you have a better solution (but please, not more crap for the
admins to review manually), I'm keen to hear it.