Author: Johann Steigenberger Date: To: exim-users Subject: Re: [exim] UCEPROTECT, APEWS and the truth about Marc Perkel
Rick Copper wrote:
> I just had a joe-job spam incident against one of our domains and let me
> tell you I would MUCH prefer a million verification attempts to the
> thousands of freaking postmaster bounces that include a portion of the
> original email. See, in a prefect world every server that received the email > would have checked our spf records that list every conceivable host that
> does/might deliver mail for our domain(s) and hard fails everything else.
There is NO excusion for a system to backscatter.
Those get listed at UCEPROTECT too ...
> It's not a prefect world and I got thousands of bounces (why did they accept > them in the first place) and "spam returns" that end up costing FAR more
> since they end up being passed on the SpamAssassin and the virus checking
> routines.
Who told you that nonsense, that you have to accept mail to spamtraps?
If someone hits a spamtrap you definitiveley know that it can not be a real
mail.
So why accept it ?
You can simply reject everyone hitting one of your spamtraps at envelop
level after rcpt to...
>> And last not least:
>> RFC 821 knows a command "VRFY" to do that test.
>> Most Administrators have chosen to disable this, because Spammers were
>> abusing it. > Exactly so what is left?
What will be left if all Users out there will break RFC821 and stop
accepting NULL-Senders
thanks to guys like Marc and you?
> Anyone trying to circumvent a restriction on a remote system
> is an Abuser.
> So faking to be a null sender and going up to RCPT TO means you are an
> Abuser.
> That is what Exim's SAV does.
Again, then what is the answer? Just open the door to anything just because
they say they are slkjjksd@????
If it goes to a nonexistant user just say 550 at the gate.
