spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin A. McGrail" <KMcGr...@PCCC.com>
Subject Re: Spamassassin not catching spam (Follow-up)
Date Thu, 26 Mar 2015 10:58:50 GMT
On 3/26/2015 6:20 AM, Reindl Harald wrote:
>
> and everybody acting that way for mails which are not only his own 
> should refrain from maintain a mailserver because he is playing 
> lottery with other peolles communication
>
You are inherently entitled to your opinion but we will have to agree to 
disagree because I believe the exact opposite that if you are not 
capable of knowing the cases to properly silently discard email than you 
have no business running a mailserver because you'll do more harm than 
good to the overall ecosystem.  At a very minimum, you should fully 
understand the impact of backscatter as well as the extremely viable 
vector for spamming/spreading malware through the use of forged headers 
to relay payloads through NDRs/DSNs.

While this behavior was helpful to identify compromised machines perhaps 
a decade ago, the techniques have long since switched to malicious 
behavior.

Your decision and advocacy for others to follow this path makes you a 
complicit bystander to how the bad guys work. And I can present facts, 
RFCs, best practices, logs, legal analysis, experts on the matter, etc.  
All you've stated is some amorphous laws (unquoted) based apparently in 
a country where I don't live.

Additionally, you will not convince me to change with a stance akin to 
politicians being infallible and that the law shouldn't be changed.  If 
you live in a place with such a law, you should lobby to improve the law.

I live in Virginia in the US and on the face, you might saw, OMG, KAM is 
breaking the law 
https://leg1.state.va.us/cgi-bin/legp504.exe?000+cod+18.2-152.4 for 
Computer Trespass.  However you will notice the clause at the top that 
requires "malicious intent".  My intent is not malicious.  My intent is 
to protect the public at large.

If you run a mail server that is sending DSNs/NDRs for everything, you 
might want to at least start and consider how you handle forged and 
malicious emails.  My strong recommendation is that you consider silent 
discard of items that have extremely low FPs as a start such as items 
identified as having a malicious payload by ClamAV with default rules.

I also suggest you read 
http://www.pccc.com/base.cgim?template=sage_code_of_ethics  I call it 
the IT ten commandments and believe strongly that if you follow it in 
your work, you will find yourself rising to the upper echelon of IT admins.

regards,
KAM

Mime
View raw message