Steve Prior writes:
> My domain geekster.com has been Joe jobbed for the last couple
> of weeks.  In spite of the fact that I responsibly created SPF
> records for my domain, I am getting flooded with bounce messages
> from other mail systems that don't understand most spam from
> addresses are forged.  Fortunately AOL seems to have wizened up
> since the last time this happened to me.
> 
> It seems to me that email domains that email such bounce messages
> or spam fighting techniques that send back a confirmation message
> are now part of the problem rather than the solution, but since
> the confirmation messages do shield THEIR users from spam they
> don't care what it's doing to the rest of us.  I'm wondering if
> a blacklist of known domains which send out stupid bounce messages
> or confirm emails would provide some incentive for cleaning them up.

A BL would probably be helpful -- but sadly some *really big* networks
(Earthlink's challenge-response) and companies (Fortune 500s) produce
these bounces, too, so it'd have serious FP potential, since those mail
relay IP addresses produce both the bounces and the legit mail.

There's a ruleset to catch bounces, challenges and bogus virus warnings;
Tim Jackson's bogus-virus-warnings.cf.  That's what I use (now heavily
modified locally).

We're also considering that it may be worthwhile to get some kind of
ruleset for these as an "official" builtin part of SpamAssassin; this'd be
optional, since it needs a little work on the user side to change from
simple 2-class ham/spam classification to multi-class
ham/spam/bogus-bounce/bogus-virus-warning/bogus-cr classification, but I
think it'd be very useful in many places.

--j.