On Sun, 25 Jan 2004 05:07, Joey Hess <[EMAIL PROTECTED]> wrote: > Russell Coker wrote: > > I've just implemented it the DNS for my domain. It was easy enough to > > do, and doesn't seem to have any great issues. No mail from me has been > > blocked yet. > > Do beware of the .forward issue.
That is an issue. However for some time I have had my mail server configured to do DNS checks for significant domains when receiving mail. The domains I have checks for include hotmail, yahoo, a few big ISPs, and my personal domain... So when I send mail via /etc/aliases on some other machine that has an entry pointing back to me (EG root@ some machines where I have root access) then the message bounces when going to me, but then the bounce gets through. I've also had the same issue with spam being sent through open relays where the From: and To: addresses are both my address, the original gets blocked but I get the bounce message. > > The next thing is to make my mail server check such records before > > receiving mail. > > Next version of spamassassin is supposed to do that. That's not good enough. To do it properly that check has to be done in the SMTP dialog. I want the message to be rejected with code 55x to discourage the spammer from sending me any more. > > Once we get some good test results we can ask the Debian listmasters to > > consider implementing it for lists.debian.org. There are significant > > problems with spam going to the Debian lists and of @lists.debian.org > > addresses being used to spam other people and causing bounce messages. > > One thing I've been wondering about is pseudo-forged @debian.org From > addresses (like mine) and spf. It would seem we can never turn it on for > toplevel debian.org without some large changes in how developers send > their email. True. But protecting mailing lists is a much higher priority. If you get one spam to your personal address you can send it to spamcop or just delete it. If it goes to 10,000 people on a mailing list it causes a lot more bother. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
