Re: [exim] Exim 4.72: preventing backscatter

Author: Always Learning
Date:  
To: Exim
Subject: Re: [exim] Exim 4.72: preventing backscatter
On Thu, 2014-08-28 at 16:57 +0100, Klaus Ethgen wrote:

> Well, your points are really strict and maybe too strict for many
> people.


At this moment, everyone is tolerating Spam instead of demanding that
mail senders (MTA) are properly configured.

The Spam disease will continue and increase as more strange people
obtain computer programmes designed to detect vulnerabilities in 'home
computers' (always Microsoft it seems), then exploit the compromised
computer systems to Spam the world *and* find more vulnerable computer
systems to perpetuate the problem.

>>AL:
> > 2. Reject everything which does NOT have a Reverse DNS (meaning the Host
> > IP has a Host Name and that Host Name resolves to the original Host IP
> > address)


> That would work in an optimal world. However, the world is not optimal
> and there are many servers out there that are misconfigured relating
> to reverse DNS or DNS at all. Even senders that tell themselves
> "professional". I even encountered some universities that are not able
> to configure a working DNS host name for their outgoing mail server
> (mostly using microsoft exchange).


In my experience, Microsoft systems are the worst culprits.

>>AL:
> > 3. Reject everything that appears to come from a
> > non-professional/non-official host name, for example here are a few of
> > today's rejects (rejected by our servers in ACL Connection)


> You speak about using DUL lists. Well, they are very controversial. Just
> some completely valid senders:


No. I do not mean DUL lists. I use Exim without external lists.

If the Host Name contains:

digits (dash/dot/under-score) digits (dash/dot/under-score) digits
(dash/dot/under-score)

it is rejected.

Similarly if the Host Name contains 'static', 'dyn', 'dynamic',
'ip' or 'user' then in conjunction with other tests, the connection is
refused.

I also have a 'home made' list of spamming pests. Here is the beginning


# /data/config/exim/hosts.spammer
#
#---------------------------------------------- A ------
*adsl.alicedsl.de
*dynamic.se.alltele.net
*alshamil.net.ae
*aphie.info
*adsl.anteldata.net.uy
*pools.arcor-ip.net
*as9105.com
*as13285.net
*as43234.net
#---------------------------------------------- B ------
*dynamic.barak-online.net
*dsl.bell.ca
*mgm.bellsouth.net
*mia.bellsouth.net
*dyn.beotel.net
*red.bezeqint.net
*cust.bluewin.ch


> - People, mostly IT professionals, that want to run their own mail
> server at home but are not able to get a proper reverse DNS entry,
> (i.e. as it is a dynamic address or as the service provider don't do
> that entries) This is especially valid in current days when you don't
> want your mails going through servers that you don't trust.


The intelligent services automatically scan *every* email and have been
doing so since at least the early 1990s. Emails are transmitted between
MTAs by many different and unknown (at the transmission time) route
segments. How can anyone trust an unknown circuit and switching (only
switching ?) equipment ?

> They might not always be able to do so. For example if their legit sender is
> a university that don't care about proper setup.


Standards will never improve if everyone tolerates bad standards as
"normal behaviour".

Mfg,

Paul
England, EU.

Centos, Exim, Apache, Libre Office.
Linux is the future. Micro$oft is the past.
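
The connection-time tests described in this message (confirmed reverse DNS, the digit-group host name pattern, the keyword test and the local wildcard list), as an added Python sketch that is not part of the original post and not the author's Exim configuration. The DNS tables are constructed sample data; matching keywords as whole tokens and treating a keyword hit alone as "suspect" are assumptions, since the post does not say which other tests it is combined with.

```python
import re
from fnmatch import fnmatchcase

# Three numeric groups, each followed by dash, dot or underscore (the post's rule).
DIGIT_GROUPS = re.compile(r"\d+[-._]\d+[-._]\d+[-._]")
KEYWORDS = {"static", "dyn", "dynamic", "ip", "user"}
# A few patterns copied from the hosts.spammer excerpt in the post.
LOCAL_LIST = ["*adsl.alicedsl.de", "*pools.arcor-ip.net", "*dsl.bell.ca"]

# Constructed DNS data (documentation address range), so the example runs offline.
PTR = {"192.0.2.10": "mail.example.org",
       "192.0.2.20": "host-192-0-2-20.example.net",
       "192.0.2.30": "dyn.example.com",
       "192.0.2.50": "mx.example.org"}
FWD = {"mail.example.org": ["192.0.2.10"],
       "host-192-0-2-20.example.net": ["192.0.2.20"],
       "dyn.example.com": ["192.0.2.30"],
       "mx.example.org": ["192.0.2.99"]}   # does not point back to .50

def confirmed_name(ip, ptr=PTR, fwd=FWD):
    """Return the PTR name only if it resolves back to ip, else None."""
    name = ptr.get(ip)
    return name if name and ip in fwd.get(name, []) else None

def name_signals(host):
    """List which of the post's host name tests fire for host."""
    host = host.lower().rstrip(".")
    signals = []
    if DIGIT_GROUPS.search(host):
        signals.append("digit-groups")
    # Assumption: match whole tokens, so "shipping" does not count as "ip".
    if KEYWORDS & set(re.split(r"[-._\d]+", host)):
        signals.append("keyword")
    if any(fnmatchcase(host, pat) for pat in LOCAL_LIST):
        signals.append("local-list")
    return signals

def decide(ip, ptr=PTR, fwd=FWD):
    """Return (verdict, signals) for a connecting IP address."""
    name = confirmed_name(ip, ptr, fwd)
    if name is None:
        return "reject", ["no-confirmed-rdns"]
    signals = name_signals(name)
    if "digit-groups" in signals or "local-list" in signals:
        return "reject", signals
    # Assumption: a keyword alone is only "suspect"; the post's other tests are not given.
    return ("suspect" if signals else "accept"), signals
```

Returning the list of signals alongside the verdict lets a rejection be logged with its reason, which is what makes false positives of the kind raised in the quoted reply traceable.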