Question: for these Spam Catchers,
instead of looking up content,
why don't they do a reverse lookup
on the sender's email. If it gets
a 300 response, send it through.
If not, put it in the spam folder.
Can it be any easier?
> Question: for these Spam Catchers,
> instead of looking up content,
> why don't they do a reverse lookup
> on the sender's email. If it gets
> a 300 response, send it through.
> If not, put it in the spam folder.
> Can it be any easier?
Maybe you should consider the fact that probably over 95% of UCE sender
email addresses are forged.
--
use hotmail com for any email replies
-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----
*Prior Art*:
Sender checking can be done in sendmail using milter-sender:
http://www.snert.com/Software/milter-sender/
[ AFAIK other MTAs had done it earlier (exim?) ]
*Efficiency Analyze*:
It will not be hard for spammers to pass such tests e.g. by faking addresses
handled by "accept now and bounce later" mail servers, using throwaway
accounts created at free mail services or faking existing email addresses.
P.S.
1) Some spammers are pretty smart and they have proved they know how to adapt.
2) IMHO SMTP should be renamed overSimpified Mail Transfer Protocol.
[ It had been *really* good by the requirements have changed ]
--
Andrzej [pl>en: Andrew] Adam Filip http://www.polbox.com/a/anfi/
an...@priv.onet.pl an...@xl.wp.pl [former: an...@Box43.pl]
*Random Epigram* :
The great secret in life ... [is] not to open your letters for a fortnight.
At the expiration of that period you will find that nearly all of them have
answered themselves.
-- Arthur Binstead
Andrzej Filip wrote:
> ynotssor wrote:
>
>> "Bob Crane" <jab...@earthlink.net> wrote in message
>> news:pan.2003.10.15....@earthlink.net
>>
>>
>>> Question: for these Spam Catchers,
>>> instead of looking up content,
>>> why don't they do a reverse lookup
>>> on the sender's email. If it gets
>>> a 300 response, send it through.
>>> If not, put it in the spam folder.
>>> Can it be any easier?
>>
>>
>>
>> Maybe you should consider the fact that probably over 95% of UCE sender
>> email addresses are forged.
>
>
> *Prior Art*:
> Sender checking can be done in sendmail using milter-sender:
> http://www.snert.com/Software/milter-sender/
> [ AFAIK other MTAs had done it earlier (exim?) ]
Yes, but this was valid some time before, no more now...
milter-sender and equivalent filters do a "MAIL From" and a "RCPT TO" commands to verify
that user exists. If sendmail answers "220 OK". It considers that users exists.
But when sendmail answers "OK", this *** doesn't means that user exists ***, but only that
sendmail says : "OK, I can accept messages for this user".
So, if I look at our postmaster mailbox, I find usually 3000 messages a day. Most of them,
says 95 % are spam sent using forged adresses from internal mail servers not directly
accessible from outside. This means : spammers are no more using verifiable addresses.
>
> *Efficiency Analyze*:
> It will not be hard for spammers to pass such tests e.g. by faking
> addresses handled by "accept now and bounce later" mail servers, using
> throwaway accounts created at free mail services or faking existing
> email addresses.
>
> P.S.
> 1) Some spammers are pretty smart and they have proved they know how to
> adapt.
Yeaaaaah !
> 2) IMHO SMTP should be renamed overSimpified Mail Transfer Protocol.
> [ It had been *really* good by the requirements have changed ]
>
--
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ Tel. :(33) 01.40.51.93.41
Ecole des Mines de Paris http://j-chkmail.ensmp.fr
60, bd Saint Michel http://www.ensmp.fr/~martins
75272 - PARIS CEDEX 06 mailto:Jose-Marc...@ensmp.fr
Milter-sender can be configured to so "full check" for some domains.
see -m command line option
http://www.snert.com/Software/milter-sender/
> So, if I look at our postmaster mailbox, I find usually 3000 messages a
> day. Most of them, says 95 % are spam sent using forged adresses from
> internal mail servers not directly accessible from outside. This means :
> spammers are no more using verifiable addresses.
> [...]
--
Andrzej [pl>en: Andrew] Adam Filip http://www.polbox.com/a/anfi/
an...@priv.onet.pl an...@xl.wp.pl [former: an...@Box43.pl]
*Random Epigram* :
"As an adolescent I aspired to lasting fame, I craved factual certainty, and
I thirsted for a meaningful vision of human life -- so I became a scientist.
This is like becoming an archbishop so you can meet girls."
-- Matt Cartmill
You don't pay to get spam, why pay to clean it?
Visit http://www.spammarshall.com to create an account for free
Andrzej Filip wrote:
> Jose Marcio Martins da Cruz wrote:
>
...
>>
>> milter-sender and equivalent filters do a "MAIL From" and a "RCPT TO"
>> commands to verify that user exists. If sendmail answers "220 OK". It
>> considers that users exists.
>>
>> But when sendmail answers "OK", this *** doesn't means that user
>> exists ***, but only that sendmail says : "OK, I can accept messages
>> for this user".
>
>
> Milter-sender can be configured to so "full check" for some domains.
> see -m command line option
> http://www.snert.com/Software/milter-sender/
>
So, consider the consequences using this option : a spammer sends 10000 messages to 10000
different addresses using as forged sender address an...@priv.onet.pl. If all spam
recipients servers are using milter-sender, you, the innocent, will receive 10000 little
messages with the subject "mailbox check"... Not cool ! 8-)
There are similar solutions under study at ASRG (RMX and so) which will be
more effective and less intrusive...
> Bob,
> Sender's email is not the only thing that matters. It is a no brainer to
> write someone else's email in the address. There are quite a few things
> that you need to check:
>
> 1. IP Address - you can do that with send-mail and public RBL server
> 2. Domain/Sender verification - Try doing a reverse lookup on the domain
> name and sender.
> 3. Content validation
>
> KB
>
> --
> ------------------------------------------------------------------------
> This email is certified to be Spam free by Spam Marshall
>
> You don't pay to get spam, why pay to clean it?
> Visit http://www.spammarshall.com to create an account for free
> <http://www.spammarshall.com>
>
> ------------------------------------------------------------------------
The irony is stupifying.
dp
I posted a link to software implementing the idea.
I have not written it is perfect.
> There are similar solutions under study at ASRG (RMX and so) which will be
> more effective and less intrusive...
I posted one RMX like idea myself some time ago
(DNS based "by IP" authentication)
--
Andrzej [pl>en: Andrew] Adam Filip http://www.polbox.com/a/anfi/
an...@priv.onet.pl an...@xl.wp.pl [former: an...@Box43.pl]
*Random Epigram* :
Whip me. Beat me. Make me maintain AIX.
-- Stephan Zielinski
Andrzej Filip wrote:
> Jose Marcio Martins da Cruz wrote:
>
>
>
> I posted a link to software implementing the idea.
> I have not written it is perfect.
I agree with you.
The software (milter-sender) isn't perfect, but the idea of finding a way to authenticate
sender is the good way, IMO.
>
>> There are similar solutions under study at ASRG (RMX and so) which
>> will be
>> more effective and less intrusive...
>
>
> I posted one RMX like idea myself some time ago
> (DNS based "by IP" authentication)
>
>
--