Loading ...
Sorry, an error occurred while loading the content.

291388Re: Null sender address in NDR's

Expand Messages
  • Robert Schetterer
    Feb 14, 2013
    • 0 Attachment
      Am 15.02.2013 00:29, schrieb Rod Whitworth:
      > On Thu, 14 Feb 2013 15:58:34 +0000, Viktor Dukhovni wrote:
      >> This has nothing to do with spam. One can just as easily send spam
      >> as <malory@...> as one can as <>. The ISP can equally easily
      >> track it down, since the Received: headers will contain the offending
      >> IP address.
      > I don't know if you are seeing the storm I'm seeing that works like
      > this:
      > Spammer sends mail to my domain using a target like
      > <JIXnZQwb5@...> and of course that is not accepted at entry.
      > However there are masses of idiots who accept and bounce and so I see:
      > <UHpUaGeKa48@...> proto=ESMTP helo=<mail-pa0-f68.google.com>
      > in bounce messages that did not originate in my domain.

      as in real world, there is less you can do against idiots

      > The spammer is hoping for his message to be bounced so that it looks
      > like the spam came from an innocent domain.
      > I aasume that the content is spam. I don't have time to probe messages
      > that may even have malware involved.
      > I wonder how many bounced messages are read at the falsely accused
      > domain....

      you may use dmarc, helps a little bit

      however in my most spammed domain, i use an adaptive firewall
      for blocking servers/bot ips ( beyond postscreen etc ), this keeps the
      log clean, and free up cpu power for legal mail, but that isnt a concept
      for everywhere, its more like last defense

      > R/
      > *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list.
      > Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou.
      > Rod/
      > ---
      > This life is not the real thing.
      > It is not even in Beta.
      > If it was, then OpenBSD would already have a man page for it.

      Best Regards
      MfG Robert Schetterer

      [*] sys4 AG

      http://sys4.de, +49 (89) 30 90 46 64
      Franziskanerstraße 15, 81669 München

      Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
      Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
      Aufsichtsratsvorsitzender: Joerg Heidrich
    • Show all 13 messages in this topic