From: Jeff B. <je...@bu...> - 2005-07-29 22:08:31
|
Sorry - I mean "I do not and have never gotten emails of the type you mention"! Brain shutting down ... Jeff Jeff Buehler wrote: > Right - I see. It would be nice if everyone would get SPF finally in > place. > > I get and have never gotten emails of the type you mention - I guess > this just means I am lucky that spammers have not so far decided to > send out spam spoofing one of my domains, is that right? If so, what > a drag that SMTP is so easy to hack - that's the real problem. > > Jeff > > > > Matt Breedlove wrote: > >> Spammer sends 10000 spams to fak...@yo... from >> inn...@le... >> >> Your NDR enabled mail server sends 10,000 NDR messages to >> inn...@le... saying 10,000 times, "Uh yeah, >> fak...@yo... doesn't exist". >> >> Now imagine you are inn...@le... (as I have been >> too many times to count) how upset would you be >> >> Does it really matter what in the message body of 10,000 "non-useful" >> email to you? Whether it's a bunch of NDR crap or whether it's a message >> about free Microsoft software...i still consider both spam though I >> suppose an argument could be made that is would be bulk unwanted mail. >> >> >> >> >> >> -----Original Message----- >> From: ass...@li... >> [mailto:ass...@li...] On Behalf Of Jeff Buehler >> Sent: Friday, July 29, 2005 12:06 PM >> To: ass...@li... >> Subject: Re: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions) >> >> How does that work simply by use of NDR's (the forging of the FROM >> address, I mean?). All the NDR does is notify the sender that a user of >> >> a given name is not at the location, right? I ask because I don't >> know how Exchange handles this, just my MTA... and I assume you mean >> that after this has been forged, then you can get on the RBL's, right? >> >> Jeff >> >> Matt Breedlove wrote: >> >> >> >>> If you have NDR's turned on Spammers can use you to send spam by >>> >> >> forging >> >> >>> the From address. Not to mention this can EASILY get you on Spam >>> BLACKLISTS used bye hundreds of anti-spam systems! Feeling lucky? : ) >>> >>> -----Original Message----- >>> From: ass...@li... >>> [mailto:ass...@li...] On Behalf Of Carnes, Jim >>> Sent: Friday, July 29, 2005 11:15 AM >>> To: ass...@li... >>> Subject: RE: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions) >>> >>> If I am reading the RFC 2821 correctly, once my server accepts the >>> >> >> mail, >> >> >>> if it is an invalid recepient my server is required to send an NDR in >>> order to be compliant. If ASSP drops the email due to LDAP no NDR is >>> required. >>> >>> Am I misreading this RFC? >>> >>> >>> Jim >>> >>> >>> >>> -----Original Message----- >>> From: ass...@li... >>> [mailto:ass...@li...] On Behalf Of Matt >>> Breedlove >>> Sent: Friday, July 29, 2005 1:54 PM >>> To: ass...@li... >>> Subject: RE: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions) >>> >>> >>> Jim, >>> >>> >>> First off you need to do yourself a favor and TURN OFF all NDR's on >>> >> >> your >> >> >>> exchange server. Having these turned on confirms one way or another >>> >> >> that >> >> >>> recipients are valid or not. I turned off NDR's on our mail server 1 >>> year ago and have never looked back. Not a single complaint. I know for >>> a fact that spammers to "domain mapping" for domains by concentrating >>> >> >> on >> >> >>> a single domain at some point in time and just flooding it with >>> >> >> username >> >> >>> variations with valid reply-to addresses. At that point it is simple to >>> determine What username format is being used at the organization: >>> >>> First name last name first letter >>> First name dot last name >>> First name initial last name, etc >>> >>> Just looking at what DID NOT generate an NDR. Now they know your >>> username format. >>> >>> Now on your question about people running LDAP seeing more spam getting >>> through...this is going to be a subjective question with a mix of >>> perceptions based on all the different variables involved. For instance >>> whether 1, 2 or 3+ domains are in use, mail volume, how long the >>> domain(s) has been in existence (older = more spam), whether or not the >>> domain as a web presence, whether or not the domain has bad employees >>> who post their email address on scads of website forums that are >>> >> >> crawled >> >> >>> and harvested by spammers, etc" >>> >>> So stick with reason, and take anecdotes with a grain of salt unless >>> >> >> you >> >> >>> have all those details : ) >>> >>> Micheal - Heres the thing. When you say my logic is, >>> >>> "by not receiving spam we are making ourselves vulnerable to >>> spam" >>> >>> it is incomplete. >>> >>> >>> What it should say is >>> >>> >>> "by not paying attention to the majority of spam we are making >>> ourselves vulnerable to the minority of spam that may/will actually get >>> to a legit users email client" >>> >>> >>> >>> ------------------------------------------------------- >>> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies >>> >>> from IBM. Find simple to follow Roadmaps, straightforward articles, >> >> >> >>> informative Webcasts and more! Get everything you need to get up to >>> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=ick >>> _______________________________________________ >>> Assp-user mailing list >>> Ass...@li... >>> https://lists.sourceforge.net/lists/listinfo/assp-user >>> >>> ___________ >>> This communication is for the intended recipient only. This >>> >> >> communication may contain >> >> >>> information that is privileged, confidential and exempt from disclosure >>> >> >> under applicable >> >> >>> law and constitutes an electronic communication within the meaning of >>> >> >> the Electronic >> >> >>> Communications Privacy Act, 18 U.S.C. 2510. Disclosure is strictly >>> >> >> limited to the >> >> >>> recipient intended by the sender. This communication is intended for >>> >> >> the sole use of the >> >> >>> intended recipient and receipt by anyone other than the intended >>> >> >> recipient does not >> >> >>> constitute a loss of the confidential or privileged nature of the >>> >> >> communication. If you >> >> >>> are not the intended recipient or agent responsible for delivery, you >>> >> >> are hereby notified >> >> >>> that any unauthorized use, dissemination, distribution or copying of >>> >> >> this communication >> >> >>> is strictly prohibited and may subject you to criminal or civil >>> >> >> penalty. If you have >> >> >>> received this communication in error, please notify us immediately by >>> >> >> email, delete the >> >> >>> message, and destroy any copies. >>> >>> >>> >>> ------------------------------------------------------- >>> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies >>> >>> from IBM. Find simple to follow Roadmaps, straightforward articles, >> >> >> >>> informative Webcasts and more! Get everything you need to get up to >>> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click >>> _______________________________________________ >>> Assp-user mailing list >>> Ass...@li... >>> https://lists.sourceforge.net/lists/listinfo/assp-user >>> >>> >>> >>> >> >> >> >> >> > > -- Buehler Technologies 19 Circle Drive - San Rafael, CA 94901 415.459.4677 - je...@bu... |