spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gene Heskett <>
Subject Re: Pulling my hair out
Date Tue, 20 Oct 2009 16:33:55 GMT
On Tuesday 20 October 2009, Ted Mittelstaedt wrote:
>Gene Heskett wrote:
>Since your not the recipient mailserver, (your upstream server is) and
>I presume that your upstream is NOT running SA or doing any filtering
>(otherwise you are effectively wearing 2 condoms, on on top of the
>other, and wasting a lot of CPU on your system scanning mail that has
>been scanned already) you are effectively telling the spammers that they
>have a valid e-mail box and encouraging more spam.

They are running a spam filter, some sort of am M$ thing that still lets 
about 1 to 2 thousand a week through.  Gmails is far better than verizons, 
but I have NDI what they are running for a filter.  The tv stations server 
used to produce 10,000 a week, but is getting better, now maybe 50/wk.

>If you have control of the destination IP address the spammers are
>sending spam to, (the upstream) you can configure your MTA to issue an
>error 550  then disconnect when a source IP address on an Internet
>blacklist attempts to pass you mail.

I can't do that, I'm just pulling whats they miss with fetchmail.

>Not only does that save your
>bandwidth but if the spammer is relaying spams through an open
>mailserver, that will cause the compromised sending mailserver to bounce
>the relayed spam to it's administrator's mailbox (assuming that it's
>properly configured) which might ring the clue phone of the
>administrator managing the compromised mailserver, or if that doesn't
>work possibly consume all free disk space on the compromised server,
>thus causing it to crash and cease being a nuisance to the rest of
>us on the Internet.

Verizon has such a compromised server right now, and I have sent several 
samples of the bogus messages it is sending me 20x a day of, for over a week 
now, no response and no change.  As long as it makes vz money, they don't 
care.  If there was another provider in my area, I'd be gone in a heartbeat.  
Cable might work, but they want 2x more a month and always have.

>SA is useful dealing with the spams that make it past the blacklist,
>or spams coming from the few servers out there which are legitimate
>mail senders but are also blacklisted since they send spams as
>well - and so you have to put them in an exception list and allow them
>to send their mixed ham and spam to you.

And its useful to me, causing about 1.5K of these mails to be sent to 
/dev/null a week.  AFAIK I have no bandwidth cap, so if vz wants to waste 
their bandwidth handling such crap, it no longer bothers me to /dev/null 750 
or more bigger penis adds a week along with another 500 phishing scams, and 
of course maybe 250 419's.

>But whenever practical you want to not even receive those spams in
>the first place.  Why devote CPU time to scanning them when you already
>know the sending IP is a spam source?

As a pop3 puller only, I have no control over what is placed in my mailbox at 

>> I would submit that the innate fear of a text editor to be used to
>> configure this stuff is a much larger reason a lot of people use a
>> webmailer at their ISP.
>I would submit that your goofy structuring of your mailstream is
>causing you to receive thousands of spams which your SA install is
>then deleting, generating reports of how effective it is, and making
>you feel like your winning the war against the spammers.  ;-)

Nope, its already, except for the address alias the compromised vz server is 
sending to, already been through the filtration of the ISP, this is what gets 
by them.

>> The question then is how do we convince them its ok to set options in a
>> text file instead of a web page controlled by the ISP, where you have to
>> click past 3 web spams per message before you can actually see the
>> message?
>The question is how do we educate all would-be SA users in best
>anti-spam practices, and how to get the most mileage out of SA?

I think we do, as its a target that can visibly move in 1 hours time based on 
what we say right here on this list.  Remember that whoever invents the 
better mousetrap is in the long run, responsible for making a better mouse.

Thanks Ted, hopefully my explanations will clarify my reasons.

Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.

You can have peace.  Or you can have freedom. Don't ever count on having
both at once.
		-- Lazarus Long

View raw message