Re: Which Spam Block List to use for a network?
On Wed, Jun 23, 2004 at 07:33:52PM -0400, Blu wrote:
> On Wed, Jun 23, 2004 at 09:01:24PM +1000, Russell Coker wrote:
> > On Wed, 23 Jun 2004 18:23, Blu <firstname.lastname@example.org> wrote:
> > > Well yes. Maybe I oversimplified. What I do is a callback to the MX of
> > > the envelope sender to see if it accepts mail to him/her. If not, the
> > > mail is rejected with an explicative 550.
> > You aren't the only one who does that. I have found one other person who does
> > that and who happens to have their mail server in an address range that's
> > black-listed. So when I sent mail to them their mail server made a call-back
> > to mine, my server rejected that and their mail server then generated a 55x
> > code that tried to summarise the code from mine. Then my mail server took
> > that and made it into a bounce message.
> Of course I am not the first one doing this. In fact Exim4 has buitin
> capability to do so.
> > The resulting message was something that I could not decipher even though I
> > have 10 years of experience running Internet mail servers! All I could do
> > was post a message to a mailing list I knew the person was subscribed to and
> > inform them that their server was borked in some unknown way.
> :) Well, my approach is not that fancy. I just check if the callback
> passes the RCPT, and if not, issue a 550 with a short message telling
> that my host will not accept mail that cannot be answered.
you are receiving a message and you start callback to the mx if he passes
the rcpt test, but - the mx starts callback to you if you pass...
don't do this, this is a finger^H^H^H^H^H^H^Hn rcpt-war. and what is curious
is... what if yahoo would do rcpt checks and I forge some yahoo email? you would
try to rcpt-check yahoo? and they'd too... and I have put you in war with yahoo.