Security Incidents mailing list archives

Re: Massive SPAM Increase {-2.6} {-2.6}

From: Nathaniel Hall <nathaniel.d.hall () gmail com>
Date: Mon, 09 Oct 2006 17:47:51 -0500

Sounds a lot like SpamAssassin.

Paul Schmehl wrote:

--On Monday, October 09, 2006 17:29:23 -0400 Tim
<tim-forensics () sentinelchicken org> wrote:

Its purpose is to reject *all* mail from bogus MTAs - dialups,
misconifigured servers, MTAs that aren't registered in the domains' DNS
as  a "legal" MX, MTAs that don't reverse properly, etc., etc.  If the
email is  forged in any way, it will never make it to DATA.



That's great, except it makes the internet more expensive for the little
guy.  If you're trying to run a non-spamming personal mailserver off of
a consumer DSL or cable line, you can get screwed by others' policies
like this because you may not have control over your PTR records or how
your ISP lists you as a non-MTA with other organizations.

Sure, argue that the little guy should just shell out for a better line,
but if he could, he wouldn't be the little guy.

It wouldn't hurt to actually read how it works before criticizing it.

Policyd-weight (the name implies what it does) provides a weighted score
to each "bad" thing an MTA does.  The *cumulative* score is what
matters.  It also *subtracts* points for good things that an MTA does. 
So, the situation you describe should not be a problem.

If you want to test that, send a test message to geek () stovebolt com, and
see if it gets rejected.  If it does, look at the headers to see what it
did.


-- 
Nathaniel Hall, GSEC GCFW GCIA GCIH

------------------------------------------------------------------------------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. 
World renowned security experts reveal tomorrow's threats today. Free of 
vendor pitches, the Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 36 hands-on training courses and 10 conference 
tracks, networking opportunities with over 2,500 delegates from 40+ nations. 

http://www.blackhat.com
------------------------------------------------------------------------------

Current thread:

Massive SPAM Increase Alex (Oct 08)
- Re: Massive SPAM Increase Kurt Seifried (Oct 08)
  - Re: Massive SPAM Increase {-2.6} Vini Engel (Oct 09)
    - Re: Massive SPAM Increase {-2.6} Kurt Seifried (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Vini Engel (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Tim (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Nathaniel Hall (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Tim (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Brent Kearney (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 09)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Graeme Fowler (Oct 09)
    - Re: Re: Massive SPAM Increase {-2.6} {-2.6} Luke Burton (Oct 09)
    - Re: Massive SPAM Increase Tillmann Werner (Oct 10)
    - Re: Massive SPAM Increase {-2.6} {-2.6} Valdis . Kletnieks (Oct 16)
    - Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 16)
    - Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Valdis . Kletnieks (Oct 16)
    - Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 16)

(Thread continues...)