[H-GEN] Email filtering
Greg Black
gjb at gbch.net
Wed Sep 24 21:58:13 EDT 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
On 2003-09-24, Robert Brockway wrote:
> On Wed, 24 Sep 2003, David Duffy wrote:
>
> > Is dropping still better than rejecting even with known spammers?
> > I mean, if the get a reject, do they remove your address?
>
> Most of the time the headers are forged, so some poor innocent person gets
> the bounce message, not the evil spammer[1].
Just so that this is clear for people, if the message gets
bounced by the MTA or some SMTP filtering process, the bounce
does not go to the header address(es), but to the address given
in the "MAIL FROM" SMTP command (which, in the case of spammers,
is also frequently forged).
Some mail systems provide the details of the SMTP "MAIL FROM" in
a header such as "Return-Path" or "Envelope-From", or, for Unix
"mbox-format" mailboxes, as the "From " pseudo-header (note the
missing colon).
However, in all cases of spam, the only sane choices are either
to have the MTA reject it during the SMTP transaction with a 5xx
error message; or, if that's not possible, to just drop it on
the floor. Attempts to bounce it are just making the problem
worse.
Cheers, Greg
--
Greg Black <gjb at gbch.net> <http://www.gbch.net/gjb.html>
GPG signed mail preferred; further information in headers.
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list