Re: spam SW, EMS/RFMS
- Date: Thu, 26 Mar 1998 20:31:39 +1100
In message <199803201124.MAA10343@localhost>, Gunnar Lindberg wri
tes:
>Sorry, I should have been more clear about that. Correct, you cannot
>ever deny "MAIL From:<>" into your local system, for the reason Ulf
>mentions. However, you could possibly refuse to act as Mail Relay
>for that - I've though of it but haven't yet got sendmail to hand
>out enough information to the Schek* rules. And, what I did was more
>to use who sent "MAIL From:<>" to manually select what dialup ISPs
>seems to carry many such EMS/RFMS spammers.
Don't worry. I can save you time.
<paranoid>They're everywhere</paranoid>
(at least according to our logs)
>>Why use secondary MX?
>>The sending MTA will keep the mail in any case until 1'MX is up...
>
>To get the mail "closer" to us so that we - chalmers.se - can see
>that some subdomain's mail server is down and have them take action
>(often we notice before they do). This is probably a difference
>between my university, where we are all one happy family (hm :-),
>and an ISP with customers.
Which is our situation. Largeish ISP with a large number of customers with
a fair proportion of those other ISPs. And a couple of _extremely_ well
known MX hosts, used as secondary/tertiary MX by every man and his dog
in .au....
>BUT, the bottom line is I serously refuse to configure our MX-records
>and Relaying based on spammers. It's possible, perhaps eveen likely,
>that I'll eventually have to give up and admit their victory, but
>that will not go without fight.
This is what we're considering/working on now. While the abuse/reporting
levels haven't reached those of other places, it's enough that I don't want
to play this "game" any longer.
Anyone have any alternatives to denying all relaying on our MX hosts before I
have to actually start working on it?
The next stage in this little war I can see happening is the abuser connecting
directly to the least cost MX and delivering directly from a throwaway
dialup account.
What do we do then? Where do we run? How would mail work in an environment
where you can't accept an SMTP connection from anyone?
Cheers(?)
Sean