Re: Anti-Spam ideas for usenet/list harvested email addresses
Jeronimo Pellegrini said:
>> > Make the list server PGP-sign the messages, maybe? You install the
>> > server key once, and never worry about it again?
>> If some small PGP/GPG data could be sent as part of a new EHLO syntax
>> command then OK, otherwise I'm in the DATA section again. It would have
>> be a standard before I'd use that.
> You want to reject the mail before it's queued. I like the idea, but
> more difficult to implement...
> I wonder how many MTAs would let you do this:
> - set up a mail for lists only
> - set up terribly-aggressive blocking with DNSBLs and other things (like
> requiring the reverse DNS), *only for that address*. Other addresses
> would not go through such restrictive tests.
I hope postfix does. I'm pretty sure it will, since it supports external
mapping programs. I don't know how complicated it will be, but I'm hoping
it's like this:
RECPT TO: user
User has entries in ~/.safe-list-only?
Does the data from MAIL FROM or HELO match an entry in the list?
Does the reverse DNS and forward DNS for the HELO match the list?
550 Error message.
>> The latest churn on debian-user about Spam hasn't been UCE spam. It's
>> worm spam. I don't know anyone personally who likes to recieve
>> code in their inbox but it persists. I don't see a near-term solution
>> convincing the individuals who write this code.
> Right, I forgot about that.
> Anyway... Blocking servers wouldn't help in the case of viruses, I think.
> Ordinary people get viruses, and the mail is sent through their (probably
> correctly configured) smarthost. Maybe something like Postfix
> header_checks? But that would also require some work :-(
My normal email address that was in my windoze using friend's outlook
express address book would still be vulnerable to email from the virus
running on his computer.
My list-only email address would be sitting pretty costing the mail server
very little by rejecting all email including ones generated by a friend or
some other mailing list subscriber. The only virus mail it should get is
the stuff that makes it through the mailing list server, and Debian's
servers do a very good job at filtering this. Since this address is the
one spread across usenet and many subscriber's address books, I think it
is the more important one to be restrictive with.
Trying out SquirrelMail