El grupo al cual envías entradas es un grupo Usenet. Si envías mensajes a este grupo, cualquier usuario de Internet podrá ver tu dirección de correo electrónico
My server isn't sending backscatter, mail sent to unknown local recipients is rejected during the smtp connection.
My server isn't doing sender callouts.
(Of course, I could be mistaken, but I've diligently tested the server, double-checked the configuration, and examined my logs. Absent any specific info from backscatterer, e.g. a message id or other identifying headers, that's all I can do.)
However I'm not interested in having my server removed from the list. That would be pointless, since it was put on the list erroneously in the first place, it's highly likely it would just get listed again.
Rather, I'm writing you to inform you that the system you believe to be so perfect is a piece of crap.
One way it could be improved is to actually provide some headers of the allegedly offending email, rather than simply lecturing people about backscatter.
I see from the discussions on new.admin.net-abuse.blocklisting that I am not the only victim of your poorly designed and implemented system.
Since you are lecturing people on 'good netizenship', that must mean mail sent to postmas...@backscatterer.org will be read by a human. However, I doubt it.
This message was sent to postmas...@backscatterer.org.
this was the result.
Nov 10 14:47:47 s2 postfix/smtp[31840]: 6D6A9ADC050: to=<postmas...@backscatterer.org>, relay=unimatrix.admins.ws[213.200.254.243]:25, delay=5.1, delays=0.38/0/1.2/3.5, dsn=5.0.0, status=bounced (host unimatrix.admins.ws[213.200.254.243] said: 550 Access denied: 550 (V4.1-RULE-0615) We have no user postmas...@backscatterer.org, please call your recipient if you are in doubt of the correct spelling. (in reply to RCPT TO command))
I'm sure the readers of this newsgroup realize that the RfC for smtp requires that mail to postmaster@domain be deliverable to a mailbox read by a human.
BACKSCATTERER: forget about the mote in my eye, remove the beam from your own.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
On Wed, 11 Nov 2009 03:45:44 +0000, google wrote: > Nov 10 14:47:47 s2 postfix/smtp[31840]: 6D6A9ADC050: > to=<postmas...@backscatterer.org>, > relay=unimatrix.admins.ws[213.200.254.243]:25, delay=5.1, > delays=0.38/0/1.2/3.5, dsn=5.0.0, > status=bounced > (host unimatrix.admins.ws[213.200.254.243] said: 550 Access denied: 550 > (V4.1-RULE-0615) We have no user postmas...@backscatterer.org, please > call your recipient if you are in doubt of the correct spelling. > (in reply to RCPT TO command))
> I'm sure the readers of this newsgroup realize that the RfC for smtp > requires that mail to postmaster@domain be deliverable to a mailbox read > by a human.
Only if the domain actually sends mail....
M4
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
goo...@guscreek.com <goo...@guscreek.com> wrote: > One way it could be improved is to actually provide some headers of > the > allegedly offending email, rather than simply lecturing people about > backscatter.
Remember that this silly system does not even collect the offending mail. It gets the MAIL FROM, sees it is <> or <postmaster@*>, gets the RCPT TO and then it returns the "error" that you have been reported as a backscatterer.
So their system has not even a way of knowing if you intended to send a real backscatter message. Our system does source address validation and it gets listed the same way. (of course we have now changed the MAIL FROM for this operation so it cannot happen again)
THey could improve their system so much... they could capture the messages and make them available in the report, they could sync their clocks using NTP and return the event time in milliseconds instead of "10 minute intervals" (wristwatch time??), they could use UTC instead of "german time", they could separate the listings for true backscatter and other things the operator doesn't like but isn't backscatter (like source address verification).
The list goes on and on and on. But Claus is not interested in improvements. He has built himself a toy and he is proud, and he likes to send others away with blunt "go looking in your logfiles" messages, so nothing will change.
> Nov 10 14:47:47 s2 postfix/smtp[31840]: 6D6A9ADC050: > to=<postmas...@backscatterer.org>, > relay=unimatrix.admins.ws[213.200.254.243]:25, > delay=5.1, delays=0.38/0/1.2/3.5, dsn=5.0.0, > status=bounced > (host unimatrix.admins.ws[213.200.254.243] said: > 550 Access denied: 550 (V4.1-RULE-0615) > We have no user postmas...@backscatterer.org, > please call your recipient if you are in doubt of the correct > spelling. > (in reply to RCPT TO command))
HAHAHA!! I like that! I wonder what Claus will reply to this...
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
> My server isn't sending backscatter, mail sent to > unknown local recipients is rejected during the smtp connection.
> My server isn't doing sender callouts.
There are other things you can get listed for, and I'm sure you know it.
> One way it could be improved is to actually provide some headers of > the > allegedly offending email, rather than simply lecturing people about > backscatter.
I guess they don't want to make it very easy for people to find their spam traps.
> I see from the discussions on new.admin.net-abuse.blocklisting that > I > am not the only victim of your poorly designed and implemented system.
I have yet to see anyone prove they were wrongly listed, a false positive. Have you? Maybe the victims are the ones that receive the backscatter...
> Since you are lecturing people on 'good netizenship', that must mean > mail sent to postmas...@backscatterer.org will be read by a human. > However, I doubt it.
> This message was sent to postmas...@backscatterer.org.
> this was the result.
> Nov 10 14:47:47 s2 postfix/smtp[31840]: 6D6A9ADC050: > to=<postmas...@backscatterer.org>, > relay=unimatrix.admins.ws[213.200.254.243]:25, > delay=5.1, delays=0.38/0/1.2/3.5, dsn=5.0.0, > status=bounced > (host unimatrix.admins.ws[213.200.254.243] said: > 550 Access denied: 550 (V4.1-RULE-0615) > We have no user postmas...@backscatterer.org, > please call your recipient if you are in doubt of the correct > spelling. > (in reply to RCPT TO command))
> I'm sure the readers of this newsgroup realize that the RfC for smtp > requires that mail to postmaster@domain be deliverable to a mailbox > read by a human.
> BACKSCATTERER: forget about the mote in my eye, remove the beam from > your own.
Hmmm. I can't seem to be able to contact their mail server...
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
goo...@guscreek.com wrote: > My server isn't sending backscatter, mail sent to > unknown local recipients is rejected during the smtp connection.
That seems to be OK.
> My server isn't doing sender callouts.
Very good.
> (Of course, I could be mistaken, but I've diligently tested the > server, double-checked the configuration, and examined my logs. > Absent any specific info from backscatterer, e.g. a message id or > other identifying headers, that's all I can do.)
To be sure that you didn't oversee anything you might publish the hostname or IP address of your server so I can send a mail to this-user-does-not-exi...@yourdomain.invalid and see the error after RCPT and not in a separate message. -- Fred Mobach - f...@mobach.nl website : https://fred.mobach.nl .... In God we trust .... .. The rest we monitor ..
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
In article <slrnhfkuck.1qpl.nom...@xs7.xs4all.nl>,
Rob <nom...@example.com> wrote: >goo...@guscreek.com <goo...@guscreek.com> wrote: >> One way it could be improved is to actually provide some headers of >> the >> allegedly offending email, rather than simply lecturing people about >> backscatter.
>Remember that this silly system does not even collect the offending >mail. It gets the MAIL FROM, sees it is <> or <postmaster@*>, gets >the RCPT TO and then it returns the "error" that you have been reported >as a backscatterer.
>So their system has not even a way of knowing if you intended to send >a real backscatter message. Our system does source address validation >and it gets listed the same way.
They turned off VRFY because they intentionally chose not to provide that information.
By attempt to use RCPT TO to bypass their decision, your action is arguably a felony (access to a computer system in excess of authorization).
Seth
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
I reserve the right to publicly post or ridicule any abusive E-mail. Reply to domain Patriot dot net user shmuel+news to contact me. Do not reply to spamt...@library.lspace.org
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
On Tue, 10 Nov 2009 22:45:44 -0500, <goo...@guscreek.com> wrote: > My server isn't sending backscatter, mail sent to
If it's listed, then it is.
-- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
Martijn Lievaart wrote: > On Wed, 11 Nov 2009 03:45:44 +0000, google wrote:
>> I'm sure the readers of this newsgroup realize that the RfC for smtp >> requires that mail to postmaster@domain be deliverable to a mailbox read >> by a human.
> Only if the domain actually sends mail....
Sure about that?
Michelle
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
goo...@guscreek.com wrote: > My server isn't sending backscatter, mail sent to unknown local > recipients is rejected during the smtp connection.
Non-sequitur.
> My server isn't doing sender callouts.
Super.
> (Of course, I could be mistaken,
Noted.
> but I've diligently tested the server, double-checked the > configuration, and examined my logs. Absent any specific info from > backscatterer, e.g. a message id or other identifying headers, that's > all I can do.)
> However I'm not interested in having my server removed from the > list. That would be pointless, since it was put on the list > erroneously in the first place, it's highly likely it would just get > listed again.
But "Of course, [you] could be mistaken".
> Rather, I'm writing you to inform you that the system you believe to > be so perfect is a piece of crap.
You mean you don't like it? Don't use it.
> One way it could be improved is to actually provide some headers of > the allegedly offending email, rather than simply lecturing people > about backscatter.
That would be the sort of header that would enable backscatterers to identify the spamtrap IP and blacklist it?
But then anyone who was determined to backscatter could do so without getting listed, despite that their recipients may have decided they don't want such messages (and filtered them using BACKSCATTERER). That would kinda defeat the object, wouldn't it?
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
In <ef1fa3f6-8795-400c-9494-7812ad271...@z3g2000prd.googlegroups.com>, on 11/11/2009 at 03:45 AM, goo...@guscreek.com said:
>My server isn't sending backscatter,
Perhaps, but the smart money says thaat you are.
>mail sent to unknown local recipients is rejected during the >smtp connection.
What do you do with e-mail that is undeliverable for other reasons?
>(Of course, I could be mistaken,
In which case your rant is BS.
>However I'm not interested in having my server removed from the list. >That would be pointless, since it was put on the list erroneously in >the first place, it's highly likely it would just get listed again.
ITYM that since you haven't corrected the misconfiguration that got you listed the directions on the web site tell you to not ask for express delisting. You've alluded to the possibility that you might be mistaken; if you are[1], then you weren't listed erroneously and there is a point to getting removed by fixing your server.
>Rather, I'm writing you to inform you
TINY. This is just a news group where blocking issues can be discussed.
>that the system you believe to be so perfect is a piece of crap.
You can present your prejudices as facts all that you want; that doesn't make them true or even plausible. Since you started out with a demonstrably false description of your target audience, your claim has even less credibility than it would otherwise.
>One way it could be improved is to
Extend the timeout to 6 months. But since it's not my list, Claus has no obligation to take my advice. The list isn't there to educate inept admins, it's there to protect systems using it.
>I see from the discussions on new.admin.net-abuse.blocklisting that I >am not the only victim of your poorly designed and implemented system.
What you see is that many people whine about being outed when they mess up, and are heavily into denial. What I also see is ignorant posters ranting at the readership of this news group as if they controlled the DNSBL's that are discussed here.
>Since you are lecturing
You who? This is not UCEPROTECT.
>that must mean mail sent to postmas...@backscatterer.org will be >read by a human.
It does not mean that the human will agree with whatever drivel is in the e-mail, or that the human will respond to complaints that have nothing to do with UCEPROTECT e-mail. The postmaster mail box has a much narrower scope than, e.g., abuse, does.
>However, I doubt it.
Your guesses are irrelevant. Only facts matter.
>This message was sent to postmas...@backscatterer.org.
Is there a mail client or mail server in that domain?
>I'm sure the readers of this newsgroup realize that the RfC for smtp >requires that mail to postmaster@domain be deliverable to a mailbox read >by a human.
Some of those readers remember that the text doesn't say quite whate you want it to say; does UCEPROTECT have "an SMTP server supporting mail relaying or delivery" for backscatterer.org?
I reserve the right to publicly post or ridicule any abusive E-mail. Reply to domain Patriot dot net user shmuel+news to contact me. Do not reply to spamt...@library.lspace.org
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
>goo...@guscreek.com <goo...@guscreek.com> wrote: >> One way it could be improved is to actually provide some headers of >> the >> allegedly offending email, rather than simply lecturing people about >> backscatter.
>Remember that this silly system does not even collect the offending >mail. It gets the MAIL FROM, sees it is <> or <postmaster@*>, gets >the RCPT TO and then it returns the "error" that you have been reported >as a backscatterer.
>So their system has not even a way of knowing if you intended to send >a real backscatter message. Our system does source address validation >and it gets listed the same way. >(of course we have now changed the MAIL FROM for this operation so it >cannot happen again)
And you really believe you can get away with that? You are playing a more dangerous dangerous game and i hope you know it, do you? You qualify for listings in both Lists (UCEPROTECT L1 and BACKSCATTERER) that way.
In case you hit an invalid RCPT TO: Using a different MAIL FROM for Sender verify you are at risk to end up in UCEPROTECT-Level 1 if you hit enough traps or in case you break your DNS...
If that happens you will get a feeling how much more people are using Level 1 for blocking compared to Backscatterer :-)
In case you hit a valid RCPT TO: If you disconnect or drop without sending a real mail after you did go up to RCPT TO: you will of course get listed in Backcatterer again... Different to an invalid address you will not find in the log what got you listed that way.
If you would have read some of my earlier articles in nanabl instead of wasting your time to search for ways to circumvent our listings you would have known that.
>THey could improve their system so much... they could capture the >messages and make them available in the report, they could sync their >clocks using NTP and return the event time in milliseconds instead of >"10 minute intervals" (wristwatch time??), they could use UTC instead >of "german time", they could separate the listings for true backscatter >and other things the operator doesn't like but isn't backscatter >(like source address verification).
Oh the system is perfect for those that are using it. Why should we waste resources to accept crap we exactly know we don't want? Why should we give exact timestamps and tell people like you which server did list them for probing a valid address at RCPT TO?
>The list goes on and on and on. But Claus is not interested in >improvements. He has built himself a toy and he is proud, and he likes >to send others away with blunt "go looking in your logfiles" messages, >so nothing will change.
No our users are happy with the results, that is what we are proud of. It was never our intention to make abusers happy, so why should we help them to circumvent our listings while not stopping the abuse generated by their systems?
>> please call your recipient if you are in doubt of the correct >> spelling. >> (in reply to RCPT TO command))
>HAHAHA!! I like that! >I wonder what Claus will reply to this...
Why should a domain that is not used for email have a postmaster account?
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
Claus v. Wolfhausen <use-reply-to-mail...@remove-this.com> wrote:
> And you really believe you can get away with that? > You are playing a more dangerous dangerous game and i hope you know it, do you? > You qualify for listings in both Lists (UCEPROTECT L1 and BACKSCATTERER) that > way.
Is this a threat? Is it an official threat from UCEPROTECT or is it only from you personally?
Of couse we send our sender address verifications from another IP than we use for our incoming our outgoing mail, so getting listed is not a real problem.
What will be your reply to that? Another clever one?
> Oh the system is perfect for those that are using it. > Why should we waste resources to accept crap we exactly know we don't want?
Waste resources? Maybe you should finally accept that your Commodore 64 is no longer able to run your business and you need to upgrade to an Amiga!
>>The list goes on and on and on. But Claus is not interested in >>improvements. He has built himself a toy and he is proud, and he likes >>to send others away with blunt "go looking in your logfiles" messages, >>so nothing will change.
> No our users are happy with the results, that is what we are proud of. > It was never our intention to make abusers happy, so why should we help them to > circumvent our listings while not stopping the abuse generated by their > systems?
Here you confirm what I think about you.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
>> This message was sent to postmas...@backscatterer.org.
> Is there a mail client or mail server in that domain?
There's an MX, ergo it's a mail realm. In theory, it's capable of producing internet mail nuisances such as mail loops, that would be a proper matter for the postmaster to deal with; so I'd say it should have a human postmaster.
> Some of those readers remember that the text doesn't say quite whate > you want it to say; does UCEPROTECT have "an SMTP server supporting > mail relaying or delivery" for backscatterer.org?
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob <nom...@example.com> was claimed to have wrote:
>Of couse we send our sender address verifications from another IP than >we use for our incoming our outgoing mail, so getting listed is not a >real problem.
You know what you're doing is abusive so you segregate it from your normal sending space so that blocklisting doesn't impact you, but yet you continue to operate in a method you know to be abusive.
That seems like a pretty reasonable justification for listing your corporate servers too, at least in blocklists that list more then actual abusive IPs.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
DevilsPGD <DeathToS...@crazyhat.net> wrote: > In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob > <nom...@example.com> was claimed to have wrote:
>>Of couse we send our sender address verifications from another IP than >>we use for our incoming our outgoing mail, so getting listed is not a >>real problem.
> You know what you're doing is abusive so you segregate it from your > normal sending space so that blocklisting doesn't impact you, but yet > you continue to operate in a method you know to be abusive.
I do not agree it is abusive. It filters a lot of spam, and I consider the impact on others to be neglible. Everyone can call a method of operation abusive, but that does not mean that all others will agree.
We also do greylisting. You'll probably call it abusive because it "wastes" mailserver sending queue resources. Too bad for you.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
>>> This message was sent to postmas...@backscatterer.org.
>> Is there a mail client or mail server in that domain?
>There's an MX, ergo it's a mail realm. In theory, it's capable of >producing internet mail nuisances such as mail loops,
Only if it's capable of _emitting_ mail. We don't know that it is, and the person who should know says that it isn't.
Seth
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
>DevilsPGD <DeathToS...@crazyhat.net> wrote: >> In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob >> <nom...@example.com> was claimed to have wrote:
>>>Of couse we send our sender address verifications from another IP than >>>we use for our incoming our outgoing mail, so getting listed is not a >>>real problem.
>> You know what you're doing is abusive so you segregate it from your >> normal sending space so that blocklisting doesn't impact you, but yet >> you continue to operate in a method you know to be abusive.
>I do not agree it is abusive. It filters a lot of spam, and I consider >the impact on others to be neglible. >Everyone can call a method of operation abusive, but that does not >mean that all others will agree.
It is abusive because you are trying to circumvent other peoples policies at their servers.
My server will not contact you because i do not know you.
If i do not allow VRFY because i do not want that spammers are able to do dictionary attacks, then it *IS ABUSIVE* if you contact my server and you are going up to RCPT TO for address probing.
The case is very similar to: I have secured a server with a password. If you connect there and probe passwords it is similar abusive.
>We also do greylisting. You'll probably call it abusive because it >"wastes" mailserver sending queue resources. Too bad for you.
That is a complete different thing. If you are greylisting, you are wasting resources at your customers. They have freely chosen to be in contact with you. I have not.
I'm not your customer and i don't want to be contacted by you. Therfore it is abusive that you connect to my server and play around there.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
> DevilsPGD <DeathToS...@crazyhat.net> wrote: > > In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob > > <nom...@example.com> was claimed to have wrote:
> >>Of couse we send our sender address verifications from another IP than > >>we use for our incoming our outgoing mail, so getting listed is not a > >>real problem.
> > You know what you're doing is abusive so you segregate it from your > > normal sending space so that blocklisting doesn't impact you, but yet > > you continue to operate in a method you know to be abusive.
> I do not agree it is abusive. It filters a lot of spam, and I consider > the impact on others to be neglible. > Everyone can call a method of operation abusive, but that does not > mean that all others will agree.
> We also do greylisting. You'll probably call it abusive because it > "wastes" mailserver sending queue resources. Too bad for you.
Spammers can use your mail server as part of a DDos attack against some system then. It is not about the resources taken *by you* but by thousands of other servers doing the same. Do you at least rate limit your SAVs? My bet is you don't :)
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
In article <slrnhfr55s.1hc9.nom...@xs7.xs4all.nl>,
Rob <nom...@example.com> wrote: >I do not agree it is abusive.
Your opinion is not relevant here.
> It filters a lot of spam, and I consider the impact on others to be neglible.
There is one person whose opinion about its impact on me matters. You are not that person.
Repeat umpteen billion times. Your opinion about impact matters only when it's about the impact on you.
>Everyone can call a method of operation abusive, but that does not >mean that all others will agree.
If _one_ of the victims of your pseudo-sending considers the impact on him unaccceptable, then it _is_ abusive.
>We also do greylisting. You'll probably call it abusive because it >"wastes" mailserver sending queue resources. Too bad for you.
Greylisting is not abusive, because it doesn't involves the resources of innocent third parties. The sender can retry or not at his option.
Seth
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
Seth wrote: > In article <hdj73c$pu...@news.eternal-september.org>, MrD > <mrdemean...@jackpot.invalid> wrote: >> Shmuel (Seymour J.) Metz wrote: >>>> This message was sent to postmas...@backscatterer.org. >>> Is there a mail client or mail server in that domain? >> There's an MX, ergo it's a mail realm. In theory, it's capable of >> producing internet mail nuisances such as mail loops,
> Only if it's capable of _emitting_ mail. We don't know that it is, > and the person who should know says that it isn't.
*We* know he said that, because he said so here, and we happen to read this froup. But the generic mail-admin who knows nothing of that list or this froup might reasonably inquire at postmaster@.
"Any system that includes an SMTP server supporting mail relaying or delivery MUST support the reserved mailbox "postmaster" as a case- insensitive local name." ~RFC 2821.
I'm having a little trouble imagining why one might create an MX record for an SMTP server that will never either relay or deliver. Note that the prose I quoted doesn't say anything about _emitting_ (for which one doesn't need an MX anyway).
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
I reserve the right to publicly post or ridicule any abusive E-mail. Reply to domain Patriot dot net user shmuel+news to contact me. Do not reply to spamt...@library.lspace.org
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
In article <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl>,
Rob <nom...@example.com> wrote: >Claus v. Wolfhausen <use-reply-to-mail...@remove-this.com> wrote: >> And you really believe you can get away with that? >> You are playing a more dangerous dangerous game and i hope you know it, do you? >> You qualify for listings in both Lists (UCEPROTECT L1 and BACKSCATTERER) that >> way.
>Is this a threat?
It looks more like a prediction and description of the way those lists work.
>> Oh the system is perfect for those that are using it. >> Why should we waste resources to accept crap we exactly know we don't want?
>Waste resources?
It takes resources to accept mail.
>Maybe you should finally accept that your Commodore 64 is no longer able >to run your business and you need to upgrade to an Amiga!
Or maybe you shouldn't tell him how to use his resources. I don't see you offering to buy him hardware sufficient for him to do what you want rather than what he wants.
Seth
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
Fallout <ad...@ascomex.ro> wrote: > On Nov 13, 5:20 pm, Rob <nom...@example.com> wrote: >> DevilsPGD <DeathToS...@crazyhat.net> wrote: >> > In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob >> > <nom...@example.com> was claimed to have wrote:
>> >>Of couse we send our sender address verifications from another IP than >> >>we use for our incoming our outgoing mail, so getting listed is not a >> >>real problem.
>> > You know what you're doing is abusive so you segregate it from your >> > normal sending space so that blocklisting doesn't impact you, but yet >> > you continue to operate in a method you know to be abusive.
>> I do not agree it is abusive. It filters a lot of spam, and I consider >> the impact on others to be neglible. >> Everyone can call a method of operation abusive, but that does not >> mean that all others will agree.
>> We also do greylisting. You'll probably call it abusive because it >> "wastes" mailserver sending queue resources. Too bad for you.
> Spammers can use your mail server as part of a DDos attack against > some system then. It is not about the resources taken *by you* but by
I don't see a simple connect and three commands as a DDOS attack.
> thousands of other servers doing the same. Do you at least rate limit > your SAVs? My bet is you don't :)
Your bet was wrong. We do cache the results.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
>Fallout <ad...@ascomex.ro> wrote: >> On Nov 13, 5:20 pm, Rob <nom...@example.com> wrote: >>> DevilsPGD <DeathToS...@crazyhat.net> wrote: >>> > In message <slrnhfqbh0.17cr.nom...@xs7.xs4all.nl> Rob >>> > <nom...@example.com> was claimed to have wrote:
>>> >>Of couse we send our sender address verifications from another IP than >>> >>we use for our incoming our outgoing mail, so getting listed is not a >>> >>real problem.
>>> > You know what you're doing is abusive so you segregate it from your >>> > normal sending space so that blocklisting doesn't impact you, but yet >>> > you continue to operate in a method you know to be abusive.
>>> I do not agree it is abusive. It filters a lot of spam, and I consider >>> the impact on others to be neglible. >>> Everyone can call a method of operation abusive, but that does not >>> mean that all others will agree.
>>> We also do greylisting. You'll probably call it abusive because it >>> "wastes" mailserver sending queue resources. Too bad for you.
>> Spammers can use your mail server as part of a DDos attack against >> some system then. It is not about the resources taken *by you* but by
>I don't see a simple connect and three commands as a DDOS attack.
Multiply that by a few thousand simultaneous sessions and imagine what happens?
It's not so much that your server itself causes a DDoS, but rather, your server is used to anonymize the abuse since the victim will see he's being attacked by yourself and other SAV users rather then the attacker.
More importantly though, it's still not up to you to decide how much of *my* resources you can "borrow" to prop up your otherwise ineffective spam filtering.
>> thousands of other servers doing the same. Do you at least rate limit >> your SAVs? My bet is you don't :)
>Your bet was wrong. We do cache the results.
Caching != Rate Limiting.
An attacker might send "from" b...@victim.example then bob2@, rinse, repeat. A cache won't be useful here.
-- Comments posted to news.admin.net-abuse.blocklisting are solely the responsibility of their author. Please read the news.admin.net-abuse.blocklisting FAQ at http://www.blocklisting.com/faq.html before posting.
|
