On Fri, 2002-10-25 at 04:37, Alvin Oga wrote: > > hi paul ( again ) > > On Fri, 25 Oct 2002, Paul Johnson wrote: > > > > donate to any of the rbls that is used ... or any other open development > > > cause > > > > Of course. Though do so directly. > > yup... always give to the end user of the funds.. > ( http://www.debian.org/donations in the case of debian ?? > ( buy tshirts and stuff from them ) > > > > > > > - stop spam at the mta ( sendmail, exim, postfix, etc ) > > > > > - i want the spam to bounce back to the spammer and > > > > > clutter their logs w/ bounced messages and their own spam > > > > > > > > bl.spamcop.net is a good RBL for that. > > > > > and if bl.spamcop.net sends bounes back to the spammer ... good, > > > we should all bounce spams ... ( as opposed to quietly dropping it ) > > > - let them fill up their logs with their own spam > > > > Exactly. I'd love to know how to make exim give the correct SMTP > > error for RBLs according to RFC 1893 (it would be 571, btw), the > > desired response would be something like > > since most spammers use open relays .... those open relays are hopefully > getting all my bounce emails ... and if the spammer used their legit > email addy, than i know they are getting the bounces > - if i send an email that bounces, i get all kinds of stuff > including the original email sent I'm dealing with a twit that sends out highly offensive emails to lists of addresses harvested from somewhere, with requests for delivery receipts to be mailed to an address that is actually an otherwise dead Usenet newsgroup. His intention? Indicating which addresses are alive for referral to other address harvesters. He does have a remove message on these emails, accessable only by phone or snail mail and accompanied with threats to discredit the recipient if they do request removal or involve an ISP abuse department. I have delivery receipts shut off, so I should be avoiding that flagging, but otherwise, all the bounces are ending up in a newsgroup he can review at his leisure. > > > 571 F*ck off, spammer! (Or email postmaster at your ISP with this message) > > > > And then give the standard RBL text that tells them to hit that RBL's > > site to see why they were blocked. > > think the error mesg for any of um can be changed... at least i do so in > sendmail > > i only see that an incoming spam was logged from who and which > domain/relays and nothing in my mailboxes > > c ya > alvin > > -- standard error/reject messages > - no reverse dns > - bad/mailformed message header > - rbl checks... > ... blah .. blah ... > > more rules i check before checking subjects > http://www.Linux-Sec.net/Mail/antispam.gwif.html > > > subject based (check_local) anti-spam filter i use with sendmail > ( 5 minutes to setup sendmail > ( 5 years ?? to make your messages :-) well 5 hrs ... > ( and wait dayz for some spammer to trip up on that errr message > > -- i use errror message 553 for these > ----------------------------------------- > > -- if they send me prescription spam... > - they are notified that they need a MDs license > > -- if they send me credit repair scheme... > - they are required in california to have a PPB license > > -- if they send me get rich quick scheme... > - they are told that the mail has been forwarded > to fbi, ftc, etc > > -- if they send me spam about mortgages rates ... > - they are required to have a real estate license What is it with mortgage spam? One of the first I got (outside of Spamford Wallace's velveeta) was Mortgage Broker stuff, and my filter logs indicate that it comes from nearly as many sources as all of the porn spam sent my way. This list posting is the first time I've spoken online of mortgages, so why they think I or *anyone* cares is beyond me! > > -- if they send me spam about insurance.. > - they are required to have an insurance license > > -- if they send me spam about stocks... > - they are required to have an SEC license > > -- you get the idea .. > > -- all "licensed activity" violations are great.... > - the spammer is in a heap of trouble for practicing > without a license > > > -- i seem to get less of of these spam nowdayz (in the log entries) :-) > --------------------------------------------- -- Mark L. Kahnt, FLMI/M, ALHC, HIA, AIAA, ACS, MHP ML Kahnt New Markets Consulting Tel: (613) 531-8684 / (613) 539-0935 Email: kahnt@hosehead.dyndns.org
Attachment:
signature.asc
Description: This is a digitally signed message part