Autor: W B Hacker Data: Dla: exim users Temat: Re: [exim] UCEPROTECT Blacklists and why callouts are abusive
Andrew - Supernews wrote:
>>>>>>"David" == David Saez Padros <david@???> writes:
>
>
> >> In the best case (when there isn't a specific spammer actively
> >> forging just our domain) we see about 100 times as many abusive
> >> callouts (ones not in response to mail we sent) as
> >> legitimate/excusable callouts (ones caused by mail that actually
> >> came from us), and about 10% of our incoming SMTP connections are
> >> from blowback sources (callouts, C/R and bounce blowback - we
> >> can't reliably distinguish them).
>
> David> so for this 10% you don't know how many bounces are callouts
> David> or real bounces ? then how you know which are abusive and
> David> which not ?
>
> All of them are abusive, because all of them are an attempt to send
> either a bounce, a C/R message or a callout in response to mail that
> we did not send.
>
> >> Having a whitelist for known _legitimate_ senders does not reduce
> >> in any way the number of _abusive_ callouts you do, by definition.
>
> David> what you perceive as abusive callouts are protective in my
> David> point of view.
>
> But you're forcing me to devote _my_ resources to protecting _your_
> network. How is this not abusive?
>
Because, dear David, not ONE DAMN BIT of this whole smtp shebang works if we DO
NOT try to help each other within commonly agreed channels!
Handling a few liteweight verifications for others is the quid pro quo for their
also helping *you* by trying to reduce abuse *overall*.
If you are being *overwhelmed* with forgeries, try more intelligent filtering.
How many come from IP's that lack a PTR? rDNS is cached very effectively.
And how hard is it to put some /24 or /8 into your firewall that - per their own
netblock holders, not just some contentious RBL - are NOT SUPPOSED to *ever*
send mail?