[Gambas-user] List status (fwd)

Christopher Brian Jack brian at ...1334...
Mon Aug 14 17:12:19 CEST 2006


On Mon, 14 Aug 2006, Christopher Brian Jack wrote:

This is off topic but on the topic of spam have any brave souls found a
way to make a DB-driven ipchain setup?  It's not easily done to make a
sendmail rejected-servers list to also act as stealthed-port 25 rules in
any ipfw rule file that I know of.  I frequently get DOS attempts by spam
scripts that run scripts that try to attack my machine with 1000+ rejected
mail server exchanges at one time (and such poorly written code rarely
checks for failed results and to take them off the send list - if I
stealthed it then their systems would be waiting minutes-per-attempt and
would most likely exhaust available outbound connections thus not being
able to spam anyone else while waiting for timeouts).

PS: the rule file allows for 65k or so entries.  My *local* blacklist (let
alone sorbs or spamhaus) is getting sizeable itself.

Are there other approaches to this problem?  Considerable bandwidth goes
to talking to spammers even if it is to refusse any attempt by their IP
number to send mail to my server.

I'm sure I'm not the only one that has this problem as a renter of email
and http/htps/db services for people needing an affordable internet "pad"
where they can build a site.

> Date: Mon, 14 Aug 2006 06:45:43 -0700 (PDT)
> From: Christopher Brian Jack <brian at ...1334...>
> To: mailing list for gambas users <gambas-user at lists.sourceforge.net>
> Subject: Re: [Gambas-user] List status (fwd)
>
> I think at some point while blackilsting 30+ spams from my inbox I
> inadvertently ended up getting a gambas list mail mixed up in the
> blacklist while forwarding each individual spam to the black box.
>
> Spam seems to be using a new relay technique now too: falsify origination
> headers and send to a server they know will bounce the message.  The
> bounce goes to the falsified location (the intended spam recipient) and
> the server figures it's quelched a spam when in reality it just relayed
> one via the "bounce".  I can recognize this when I get servers my mail
> server is not configured to talk to for outbound mail (all other outbound
> port 25 access, except to my ISP upstream smtp superhost, is blocked at my
> router for the entire network behind the router--and then only one machine
> is allowed to make outbound SMTP to the superhost server).
>
> This pretty much guarantees me any bounces that aren't identified as from
> my ISP's superhost are effectively, themselves, spam.
>
> .=================================================.
> |  Christopher BRIAN Jack aka "Gau of the Veldt"  |
> +================================================='
> | brian _AT_ brians-anime _DOT_ com
> `=================================================-
> Hi Spambots, my email address is sputnik at ...1334...
>

.=================================================.
|  Christopher BRIAN Jack aka "Gau of the Veldt"  |
+================================================='
| brian _AT_ brians-anime _DOT_ com
`=================================================-
Hi Spambots, my email address is sputnik at ...1334...




More information about the User mailing list