Re: another interesting spam trick...

From: Greg A. Woods (no email)
Date: Thu Nov 01 2001 - 11:31:09 EST


[ On Thursday, November 1, 2001 at 00:29:35 (-0800), Ronald F. Guilmette wrote: ]
> Subject: Re: another interesting spam trick...
>
>
> I agree that it _shouldn't_ be necessary, but if you are trying to bend
> over backwards to avoid false positives, then you will use the ``trimming''
> of domain names that I described, also, as part of your validation of the
> HELO/EHLO name.

NO! No trimming! We already bend over backwards by allowing a literal
IP address!!!! If the sending SMTP client can't get either one of those
right then it does not deserve any more attention than any other loud
raucous fraud who's claiming to be someone he or she obviously is not
and can not be!

> I wish I had a dollar for every mail server I had ever seen whose HELO name
> was something like:
>
> mail.jakes-pizza-planet.com
>
> and where that domain name has -ZERO- `A' records (i.e. doesn't resolve
> at all) but where if you look up the MX records for just
>
> jakes-pizza-planet.com
>
> you'll get something like:
>
> exchange.jakes-pizza-planet.com
>
> and that name _will_ resolve, and it will resolve properly to the IP of
> the server in question.

Who cares?!?!?!? The sending SMTP client and/or its DNS is _misconfigured_!

They can (very easily) fix it, or have their e-mail bounce! It's really
that simple! Once 10% or more of their e-mail bounces they might start
to get a clue and ask for help!

> There's no reason not to go the extra mile to be lenient about these kinds
> of cases.

Oh, on the contrary! Your ever changing, ever more complex work
arounds to accommodate them is reason enough, but it's far from the only
reason!

> You aren't going to get more spam if you are a bit forgiving of
> these cases, but you WILL lower your false positive rate a bit.

Oh, but you are! The spammers began to adapt to these things a couple
of years ago already!

You can invent any number of complex twisted rules to accommodate
idiots. For example now you've gone from looking up PTRs to doing full
MX lookups (MX+A RRs) for the greeting name! Where does it end? I'll
tell you: it _never_ ends so long as you try to accommodate the bumbling
fools ("just as soon as you make something foolproof, along comes
another fool!").

However the _real_ rules (i.e. what we've generally agreed the RFCs
should be interpreted as saying in today's context) are _trivially_
simple. If the idiots running mail servers can not make their systems
conform to even these very trivial real rules then they do not deserve
to be able to send any e-mail, spam or not, until they figure out how to
do it right.

-- 
							Greg A. Woods
+1 416 218-0098      VE3TCP      <>     <>
Planix, Inc. <>;   Secrets of the Weird <>
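
[Added example, not part of the original message or of Postfix: the two HELO/EHLO validation policies argued over in this thread, run against the jakes-pizza-planet.com case. The DNS tables, the 192.0.2.x addresses and the function names are constructed for illustration, and the strict rule is assumed to mean "the greeting name has an A record for the connecting client, or is an address literal for it".]

```python
import ipaddress

# Constructed DNS data mirroring the case in the thread: the HELO name
# mail.jakes-pizza-planet.com has no A record, but the parent domain's MX
# host does. 192.0.2.0/24 is a documentation range.
A_RECORDS = {"exchange.jakes-pizza-planet.com": ["192.0.2.25"]}
MX_RECORDS = {"jakes-pizza-planet.com": ["exchange.jakes-pizza-planet.com"]}


def _resolves_to(name, client):
    """True if one of name's A records equals the client address."""
    return any(ipaddress.ip_address(a) == client for a in A_RECORDS.get(name, []))


def strict_helo_ok(helo, client_ip):
    """Strict policy: an [address literal] or a name whose A record is the client."""
    client = ipaddress.ip_address(client_ip)
    if helo.startswith("["):
        if not helo.endswith("]"):
            return False
        try:
            return ipaddress.ip_address(helo[1:-1]) == client
        except ValueError:
            return False  # malformed literal
    return _resolves_to(helo.rstrip(".").lower(), client)


def lenient_helo_ok(helo, client_ip):
    """Lenient policy: strict check, then trim leading labels and follow MX -> A."""
    if strict_helo_ok(helo, client_ip):
        return True
    if helo.startswith("["):
        return False
    client = ipaddress.ip_address(client_ip)
    labels = helo.rstrip(".").lower().split(".")
    # Each trimmed parent costs an extra MX lookup plus A lookups per MX host.
    for i in range(1, len(labels) - 1):  # always keep at least two labels
        parent = ".".join(labels[i:])
        if any(_resolves_to(mx, client) for mx in MX_RECORDS.get(parent, [])):
            return True
    return False


if __name__ == "__main__":
    for helo in ("mail.jakes-pizza-planet.com", "exchange.jakes-pizza-planet.com",
                 "[192.0.2.25]"):
        print(helo, strict_helo_ok(helo, "192.0.2.25"),
              lenient_helo_ok(helo, "192.0.2.25"))
```

The misconfigured greeting name fails the strict check and passes only once the receiver adds label trimming and MX lookups, which is the extra per-connection complexity the reply objects to.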