Re: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions)

[Jeff B. <je...@bu...>]

Sorry - I mean "I do not and have never gotten emails of the type you 
mention"!  Brain shutting down ...

Jeff

Jeff Buehler wrote:

> Right - I see.  It would be nice if everyone would get SPF finally in 
> place.
>
> I get and have never gotten emails of the type you mention - I guess 
> this just means I am lucky that spammers have not so far decided to 
> send out spam spoofing one of my domains, is that right?  If so, what 
> a drag that SMTP is so easy to hack - that's the real problem.
>
> Jeff
>
>
>
> Matt Breedlove wrote:
>
>> Spammer sends 10000 spams to fak...@yo... from
>> inn...@le...
>>
>> Your NDR enabled mail server sends 10,000 NDR messages to
>> inn...@le... saying 10,000 times, "Uh yeah,
>> fak...@yo... doesn't exist".
>>
>> Now imagine you are inn...@le... (as I have been
>> too many times to count) how upset would you be
>>
>> Does it really matter what in the message body of 10,000 "non-useful"
>> email to you? Whether it's a bunch of NDR crap or whether it's a message
>> about free Microsoft software...i still consider both spam though I
>> suppose an argument could be made that is would be bulk unwanted mail.
>>
>>
>>
>>
>>
>> -----Original Message-----
>> From: ass...@li...
>> [mailto:ass...@li...] On Behalf Of Jeff Buehler
>> Sent: Friday, July 29, 2005 12:06 PM
>> To: ass...@li...
>> Subject: Re: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions)
>>
>> How does that work simply by use of NDR's (the forging of the FROM 
>> address, I mean?).  All the NDR does is notify the sender that a user of
>>
>> a given name is not at the location, right?  I ask because I don't 
>> know how Exchange handles this, just my MTA...  and I assume you mean 
>> that after this has been forged, then you can get on the RBL's, right?
>>
>> Jeff
>>
>> Matt Breedlove wrote:
>>
>>  
>>
>>> If you have NDR's turned on Spammers can use you to send spam by
>>>   
>>
>> forging
>>  
>>
>>> the From address. Not to mention this can EASILY get you on Spam
>>> BLACKLISTS used bye hundreds of anti-spam systems! Feeling lucky? : )
>>>
>>> -----Original Message-----
>>> From: ass...@li...
>>> [mailto:ass...@li...] On Behalf Of Carnes, Jim
>>> Sent: Friday, July 29, 2005 11:15 AM
>>> To: ass...@li...
>>> Subject: RE: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions)
>>>
>>> If I am reading the RFC 2821 correctly, once my server accepts the
>>>   
>>
>> mail,
>>  
>>
>>> if it is an invalid recepient my server is required to send an NDR in
>>> order to be compliant.  If ASSP drops the email due to LDAP no NDR is
>>> required.
>>>
>>> Am I misreading this RFC?
>>>
>>>
>>> Jim
>>>
>>>
>>>
>>> -----Original Message-----
>>> From: ass...@li...
>>> [mailto:ass...@li...] On Behalf Of Matt
>>> Breedlove
>>> Sent: Friday, July 29, 2005 1:54 PM
>>> To: ass...@li...
>>> Subject: RE: [Assp-user] LDAP hurting spam corpus? (was LDAP Questions)
>>>
>>>
>>> Jim,
>>>
>>>
>>> First off you need to do yourself a favor and TURN OFF all NDR's on
>>>   
>>
>> your
>>  
>>
>>> exchange server. Having these turned on confirms one way or another
>>>   
>>
>> that
>>  
>>
>>> recipients are valid or not. I turned off NDR's on our mail server 1
>>> year ago and have never looked back. Not a single complaint. I know for
>>> a fact that spammers to "domain mapping" for domains by concentrating
>>>   
>>
>> on
>>  
>>
>>> a single domain at some point in time and just flooding it with
>>>   
>>
>> username
>>  
>>
>>> variations with valid reply-to addresses. At that point it is simple to
>>> determine What username format is being used at the organization:
>>>
>>> First name last name first letter
>>> First name dot last name
>>> First name initial last name, etc
>>>
>>> Just looking at what DID NOT generate an NDR. Now they know your
>>> username format.
>>>
>>> Now on your question about people running LDAP seeing more spam getting
>>> through...this is going to be a subjective question with a mix of
>>> perceptions based on all the different variables involved. For instance
>>> whether 1, 2 or 3+ domains are in use, mail volume, how long the
>>> domain(s) has been in existence (older = more spam), whether or not the
>>> domain as a web presence, whether or not the domain has bad employees
>>> who post their email address on scads of website forums that are
>>>   
>>
>> crawled
>>  
>>
>>> and harvested by spammers, etc"
>>>
>>> So stick with reason, and take anecdotes with a grain of salt unless
>>>   
>>
>> you
>>  
>>
>>> have all those details : )
>>>
>>> Micheal - Heres the thing. When you say my logic is,
>>>
>>>     "by not receiving spam we are making ourselves vulnerable to
>>> spam"
>>>
>>>      it is incomplete.
>>>
>>>
>>>     What it should say is
>>>
>>>
>>>     "by not paying attention to the majority of spam we are making
>>> ourselves vulnerable to the minority of spam that may/will actually get
>>> to a legit users email client"
>>>
>>>
>>>
>>> -------------------------------------------------------
>>> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
>>>   
>>> from IBM. Find simple to follow Roadmaps, straightforward articles,
>>
>>  
>>
>>> informative Webcasts and more! Get everything you need to get up to
>>> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=ick
>>> _______________________________________________
>>> Assp-user mailing list
>>> Ass...@li...
>>> https://lists.sourceforge.net/lists/listinfo/assp-user
>>>
>>> ___________
>>> This communication is for the intended recipient only.  This
>>>   
>>
>> communication may contain
>>  
>>
>>> information that is privileged, confidential and exempt from disclosure
>>>   
>>
>> under applicable
>>  
>>
>>> law and constitutes an electronic communication within the meaning of
>>>   
>>
>> the Electronic
>>  
>>
>>> Communications Privacy Act, 18 U.S.C. 2510.  Disclosure is strictly
>>>   
>>
>> limited to the
>>  
>>
>>> recipient intended by the sender. This communication is intended for
>>>   
>>
>> the sole use of the
>>  
>>
>>> intended recipient and receipt by anyone other than the intended
>>>   
>>
>> recipient does not
>>  
>>
>>> constitute a loss of the confidential or privileged nature of the
>>>   
>>
>> communication. If you
>>  
>>
>>> are not the intended recipient or agent responsible for delivery, you
>>>   
>>
>> are hereby notified
>>  
>>
>>> that any unauthorized use, dissemination, distribution or copying of
>>>   
>>
>> this communication
>>  
>>
>>> is strictly prohibited and may subject you to criminal or civil
>>>   
>>
>> penalty. If you have
>>  
>>
>>> received this communication in error, please notify us immediately by
>>>   
>>
>> email, delete the
>>  
>>
>>> message, and destroy any copies.
>>>
>>>
>>>
>>> -------------------------------------------------------
>>> SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
>>>   
>>> from IBM. Find simple to follow Roadmaps, straightforward articles,
>>
>>  
>>
>>> informative Webcasts and more! Get everything you need to get up to
>>> speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click
>>> _______________________________________________
>>> Assp-user mailing list
>>> Ass...@li...
>>> https://lists.sourceforge.net/lists/listinfo/assp-user
>>>
>>>
>>>
>>>   
>>
>>
>>
>>  
>>
>
>


-- 

	
	

	
	Buehler Technologies
19 Circle Drive - San Rafael, CA 94901
415.459.4677 - je...@bu...