On Tue, May 11, 2004 at 04:25:11PM +0200, Wouter Verhelst scribbled: > On Tue, May 11, 2004 at 03:33:30PM +0200, Marek Habersack wrote: > > On Tue, May 11, 2004 at 03:17:54PM +0200, Bartosz Fenski aka fEnIo scribbled: > > > On Tue, May 11, 2004 at 07:49:19AM -0500, John Hasler wrote: > > > > > What you mention as a problem, the fake sender addresses, are really a > > > > > problem but, selfishly, I'd rather ignore that issue. > > > > > > > > Selfish isn't the word for it. I get damn near as many bogus bounces as > > > > spams. > > > > > > Yeah. I would kill every administrator which sets notify for sender > > > about viruses to the address from From: header with a pleasure ;) > > Well, that's a bit different story, isn't it? > > I don't see how. They both involve automated mails. They both involve > waste of bandwidth. They both result in annoyed people and a worse S/N > ratio in mailboxes of people completely and fully unrelated to the mail > the autoreply was replying to. > > How are they a different story? It is fair to assume that a virus mail has a bogus sender address, it is not as simple to assume that a mail scored higher than ham has a bogus sender address. Quite a chunk of mails scored below 4 by SpamAssassin are legitimate mails that have one or two traits that give them the score and yet they are perfecly legitimate. That's where are they different - virus notification has a high probablility of hitting an innocent person, unlike a tmda challenge. On our servers we silently trash the virus mails, without responding to them or generating any automated notification mail, that's obvious, and tmda is not used by default, that's obvious too. But for personal boxes I think everybody has the right to use tdma to protect them. Also, ISPs who blindly treat all bounces as spam should stop doing so, I think. Say, have you ever mailed Wietse Venema, for instance? If you did, then you know he's got an autoresponder that will write you back sometimes. Is that a spam? I don't think so. A certain part of tmda replies will miss the target, of course, but (again thinking selfishly) in total it will save me/you time we'd take to read the spam and classify it as spam. It will eliminate quite a deal of the mails which passed through the SpamAssassin (or other) filters. In the past 8 days, SpamAssassin let through to my box 293 messages it didn't tag as spam, 199 of them came to my debian address, all of the 199 through the debian mailing lists. 20s to open, read, tag, forward to sa-learn for each of those messages, I've wasted 66 minutes of my time. Is that a lot? Probably not for a week, but it's 57 hours/year, hours which could be saved for something better than reading stupid spam. And if you happen to send me a mail that will be scored above 1.0, then you will have to respond to the tmda challenge only once - your address will be whitelisted from that moment on (which, of course, opens up a possibility for forging your address by a spammer, that's given). One more thing to note - tmda challenges differ a bit from the MTA bounces, it is very easy to classify the mails based on that difference (again, another window for spammers, but you can't win it all) and all that remains to have is a bit of good will and understanding for people who use tmda and take that small effort to respond to the challenge (not to mention the responses to challenges can be automated as well). So, as long as you are free to be annoyed by tmda responses, I can be as annoyed by the spam I have to deal with. We both have our reasons, we both have equal rights and we both are free to do what we do and think what we think. regards, marek
Attachment:
signature.asc
Description: Digital signature