On 8 Jan 2006, at 05:03, Ted Mittelstaedt wrote:
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert Slade Sent: Friday, January 06, 2006 11:24 PM To: David Banning Cc: [EMAIL PROTECTED] Subject: Re: Spamcop listed - need help to diagnose whyThere is your problem TMDA is most likely the cause. Such programmes are in effect adding to the spam problem. Nearly all spam has a forged fromaddress and all programmes such as TMDA do is send a challenge to aninnocent 3rd party. Whist it looks like it reduces your spam all you do is in effect spam someone else. When your e-mail address has been used in a spam run by a spammer and you start getting 10s of these challengean hour it is quite easy to report 1 my accident. If you look at theSpamcop reporting page you will see a warning about just this situation.I suppose that the real answer is to stop compounding the spam problemand use a combination of spamassassin and block lists. BTW I make it a point never to respond to challenges.Ditto, and for the same reasons. I've removed David from the cc list on this for that reason as well. Also we need to be aware of another trick that spammers have figured out, that applies to anyone running multiple MX records on a domain (I don't know if David is in that situation) Normally if a domain has a single mailserver processing incoming mail, there's a single MX record pointing to a single machine. But in many cases it's desirable to relay mail through a prefilter system before it gets to the actual mailserver. In those cases a common trick is to block the highest priority MX host off with an access list. Senders try the highest priority, it fails, they then go to the next highest priority host which is the relay host. That host gets it, does it's thing, then tries to send it to the highest priority server which should work since the access list permits that server. This technique has been mentioned in the sendmail book among others.
Yes, but that is actually massively rude. The hosts listed in a domain's MX record are supposed to be hosts willing to exchange mail for that domain, so listing ones that are not it just wasting everyone's time and resources.
If you want to have such a prefilter system, there is no need to list the end system in the MX records; just use an internal route to do that.
Ceri
PGP.sig
Description: This is a digitally signed message part
