From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of Pawel Lesniak
Sent: Wednesday, 4 March 2009 7:32 PM
To: postfix users list
Subject: Re: Spam attacks
W dniu 2009-03-03 23:34, MacShane, Tracy pisze:
> We have a very clear policy that users are only
permitted to relay mail
from our networks.
So you too advocate (if I clearly understand you) my point of
view, where those "legit mails", which Noel was talking about, are just
misconfigurations of others' servers.
I believe that we share opinion that restricting own users to
sending from my_networks and/or authenticated clients works perfectly to
stop getting spam from u...@example.com to u...@example.com.
Pawel Lesniak
=================
Actually, no, I wouldn't go that far. I'm fortunate in that I can
dictate such a policy, because it's existed since we've had email in
this organisation (well before my time), and we don't generally have
users subscribing to mailers that use this technique to get the mail
through. I do think it's a silly practice, but it's not technically a
"misconfiguration", nor is it necessarily spam, if a user signed up to
such a service.
For my organisation, it works perfectly as far as it goes, but that's
because of the established history and _clear policy_. We may one day
encounter a situation where we need to create an exemption for a
specific purpose. We only catch a couple of hundred or so messages a day
using this measure at present (it was higher when the botnets were more
active, and before we implemented Fail2ban), but that's a couple of
hundred lookups to Zen we don't have to do each day (not even 0.5% of
the total, though).
