Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] state of the art spam filtering
- Date: Fri, 19 Mar 2010 11:03:30 +0100
- From: Attila Kinali <attila@example.com>
- Subject: Re: [tlug] state of the art spam filtering
- References: <20100316092524.c153a4a9.attila@example.com> <201003170130.00440.fcartegnie@example.com> <20100318112911.9887ac97.attila@example.com> <201003181347.44383.fcartegnie@example.com>
- Organization: NERV
On Thu, 18 Mar 2010 13:47:44 +0100 Francois Cartegnie <fcartegnie@example.com> wrote: > Le jeudi 18 mars 2010, vous avez écrit : > > Yes, that's why more and more worms/troyans use the setting of outlook > > to send mails, so they can go over the ISPs MTA, which makes it legitimate > > for quite a lot of MXs > > And also legitimate for the ISP to end or put on hold their broadband > subscription. Complainers logs aren't enough for that. I'd be carefull here. In most jurisdictions ISPs count as telco carriers which gives them special duties. Hence you cannot just cut someone of just because his computer is misbehaving. > > Judging from the logs of the MPlayer/FFmpeg mailinglist server, that's > > about 30% of mail. Most of which are by the developers themself. So if i'd > > block dyn IP users, i'd block the people who are the most legitimate users > > of the mailinglist. > > It's not about dyn IP users, it's about mtas, doing direct delivery, hosted on > dyn ip and showing it in their reverse. > If they are geeky to run their own mta, then should also prove they can set up > a correct reverse dns (which is in some way proving they're in control of the > host, not a zombie) or set the mta to forward through their isp. You might be geeky enough to have your own _sending_ MTA running at home behind a dyn IP. You might not have the possibility to get static IPs. And even if you have a static IP, not all ISPs provide you with custom IN PTR entries. > > That's the reason why most people consider RBLs a broken as designed > > solution. It breaks a previously working and legitimate use of the > > internet. > > Do you have remote IP or blocks listed in your firewall ? No. There is no point in having such lists as they give only a false sense of protection. > > It is possible with multiple MXs too. At least postfix can do that. > > And it's highly recommended too. > > Large companies/organisations forwards mails to internal mta of subgroups or > customers. They usually don't check/can't check that the final account exists > on those. Large companies/organisations usualy use a centralized user managment over all subgroups that allows such user checking at the border. It's just that either the IT department is totaly clueless or that they didnt bother to implement a checking. But even without that, the postfix checking i mentioned above is based on asking the next-hop MX whether the user is a valid recipient. So it would even work if you dont have any centralized user managment as long as you know where the mail should go to and all hops participate in this checking. Attila Kinali -- If you want to walk fast, walk alone. If you want to walk far, walk together. -- African proverb
- Follow-Ups:
- Re: [tlug] state of the art filtering
- From: Tobias Diedrich
- Re: [tlug] state of the art filtering
- References:
- [tlug] state of the art spam filtering
- From: Attila Kinali
- Re: [tlug] state of the art spam filtering
- From: Francois Cartegnie
- Re: [tlug] state of the art spam filtering
- From: Attila Kinali
- Re: [tlug] state of the art spam filtering
- From: Francois Cartegnie
- [tlug] state of the art spam filtering
- Prev by Date: Re: [tlug] Mailing list web archives..... Is this leagal ?
- Next by Date: [tlug] Changing a file server from XP to Ubuntu
- Previous by thread: Re: [tlug] state of the art spam filtering
- Next by thread: Re: [tlug] state of the art filtering
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |