spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gene Heskett <gene.hesk...@verizon.net>
Subject Re: Pulling my hair out
Date Tue, 20 Oct 2009 16:33:55 GMT
On Tuesday 20 October 2009, Ted Mittelstaedt wrote:
>Gene Heskett wrote:
[...]
>Since your not the recipient mailserver, (your upstream server is) and
>I presume that your upstream is NOT running SA or doing any filtering
>(otherwise you are effectively wearing 2 condoms, on on top of the
>other, and wasting a lot of CPU on your system scanning mail that has
>been scanned already) you are effectively telling the spammers that they
>have a valid e-mail box and encouraging more spam.

They are running a spam filter, some sort of am M$ thing that still lets 
about 1 to 2 thousand a week through.  Gmails is far better than verizons, 
but I have NDI what they are running for a filter.  The tv stations server 
used to produce 10,000 a week, but is getting better, now maybe 50/wk.

>If you have control of the destination IP address the spammers are
>sending spam to, (the upstream) you can configure your MTA to issue an
>error 550  then disconnect when a source IP address on an Internet
>blacklist attempts to pass you mail.

I can't do that, I'm just pulling whats they miss with fetchmail.

>Not only does that save your
>bandwidth but if the spammer is relaying spams through an open
>mailserver, that will cause the compromised sending mailserver to bounce
>the relayed spam to it's administrator's mailbox (assuming that it's
>properly configured) which might ring the clue phone of the
>administrator managing the compromised mailserver, or if that doesn't
>work possibly consume all free disk space on the compromised server,
>thus causing it to crash and cease being a nuisance to the rest of
>us on the Internet.

Verizon has such a compromised server right now, and I have sent several 
samples of the bogus messages it is sending me 20x a day of, for over a week 
now, no response and no change.  As long as it makes vz money, they don't 
care.  If there was another provider in my area, I'd be gone in a heartbeat.  
Cable might work, but they want 2x more a month and always have.

>SA is useful dealing with the spams that make it past the blacklist,
>or spams coming from the few servers out there which are legitimate
>mail senders but are also blacklisted since they send spams as
>well - and so you have to put them in an exception list and allow them
>to send their mixed ham and spam to you.

And its useful to me, causing about 1.5K of these mails to be sent to 
/dev/null a week.  AFAIK I have no bandwidth cap, so if vz wants to waste 
their bandwidth handling such crap, it no longer bothers me to /dev/null 750 
or more bigger penis adds a week along with another 500 phishing scams, and 
of course maybe 250 419's.

>But whenever practical you want to not even receive those spams in
>the first place.  Why devote CPU time to scanning them when you already
>know the sending IP is a spam source?

As a pop3 puller only, I have no control over what is placed in my mailbox at 
vz.

>> I would submit that the innate fear of a text editor to be used to
>> configure this stuff is a much larger reason a lot of people use a
>> webmailer at their ISP.
>
>I would submit that your goofy structuring of your mailstream is
>causing you to receive thousands of spams which your SA install is
>then deleting, generating reports of how effective it is, and making
>you feel like your winning the war against the spammers.  ;-)

Nope, its already, except for the address alias the compromised vz server is 
sending to, already been through the filtration of the ISP, this is what gets 
by them.

>> The question then is how do we convince them its ok to set options in a
>> text file instead of a web page controlled by the ISP, where you have to
>> click past 3 web spams per message before you can actually see the
>> message?
>
>The question is how do we educate all would-be SA users in best
>anti-spam practices, and how to get the most mileage out of SA?

I think we do, as its a target that can visibly move in 1 hours time based on 
what we say right here on this list.  Remember that whoever invents the 
better mousetrap is in the long run, responsible for making a better mouse.

>Ted
>
Thanks Ted, hopefully my explanations will clarify my reasons.

-- 
Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
<https://www.nrahq.org/nrabonus/accept-membership.asp>

You can have peace.  Or you can have freedom. Don't ever count on having
both at once.
		-- Lazarus Long

Mime
View raw message