RE: Spam Control Considered Harmful

Mailman List Mirror (Read Only)
1

Im not sure of your logic about disabling the "invalid in-addr.arpa"
filtering from your sendmail. I wouldn't do it for just one of my
customers and expose the rest of my customers to spammers that
intentionally try to hide themselves by faking a return address and/or
masking their relay server with a bogus name. I would tell that one
customer to have their constituent with no reverse DNS to get there
setup corrected because:

a. It is a proper and complete DNS config to have reverse mapping to
your ip
b. It makes all data originating from it accountable (not just spam but
smurf attacks, DOS attacks, port scans/Satans etc.)
to the organization/person responsible for the forward and reverse zone
(if they match)
c. It gives other ISP's and businesses the choice to filter or not
filter. If one of us makes policy to make exceptions for a customer,
then they tell other customers who tell other customers who tell other
potential customers that an ISP should not filter e-mail on this
premise.

Let the 1 in 5 people in the Internet who are either lamers who don't
know how to do reverse DNS properly or too lazy to do it keep their
problems as their problems and not ours. Already there are a ton of TCP
wrapper applications, FTP sites, telnet sites, Netscape U.S. Encryption
pages for Navigator, etc that will not allow access with improper or
non-existant reverse DNS entries. Would you consider not doing
gethostbynames on your entire web server because one of your web clients
wanted their mis-configured customers elsewhere in the internet to have
that much faster access on web pages which would also give the rest of
your customers stat pages full of IP's only ?? I wouldn't......

None of my customers have complained about us filtering the
misconfigured in-addr.arpa people. 80% of my customers are business who
exchange a lot of mail with other businesses on the net, maybe they
don't care ? I dunno.

As for responsible service providers disconnecting abusers, we have
disconnected around 10 of them so far. I guess wer'e luck we haven't ran
into a Spamford Wallace yet huh ?

Just my opinion, thanks for tolerating it.

Paul Peterson, WinterLAN Inc.

2

Im not sure of your logic about disabling the "invalid in-addr.arpa"
filtering from your sendmail. I wouldn't do it for just one of my
customers and expose the rest of my customers to spammers that
intentionally try to hide themselves by faking a return address and/or

Heh...and I thought it was a great _new_ idea of mine. :slight_smile:
I did try to explain to the client why the rule had been instituted,
though I don't think he grasped it, and let him know that I would only
remove it temporarily and that I would notify his correspondant of the
problem and let them know they need to fix their problem.

a. It is a proper and complete DNS config to have reverse mapping to
your ip

Some providers make it very difficult to get this setup, and if you're cut
off from most of the net because your provider is lame, that would suck.

problems as their problems and not ours. Already there are a ton of TCP
wrapper applications, FTP sites, telnet sites, Netscape U.S. Encryption
pages for Navigator, etc that will not allow access with improper or
non-existant reverse DNS entries. Would you consider not doing
gethostbynames on your entire web server because one of your web clients

For these things, I can just tell people the client networks are broken
and even give them clues to help fix things...but for the in-addr.arap
mail thing, the issue was "it worked last week...why can't we get mail
from them now?".

As for responsible service providers disconnecting abusers, we have
disconnected around 10 of them so far. I guess wer'e luck we haven't ran
into a Spamford Wallace yet huh ?

We terminated someone recently for spamming through an account elsewhere. :slight_smile:
She had the misfortune of spamming a huge list of invalid email addresses
from another provider using an account setup to forward her mail to her
FDT account. We got burried in bounces...most from aol. The provider
forwarding the bounces to us ended up shutting off smtp for a few days.