SMTP Attacks
Harold Hallikainen
harold at hallikainen.com
Tue Oct 31 21:03:05 UTC 2006
>>> On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote:
>>>> Rick Stevens wrote:
>>>> >
>>>> > Nah, I don't publicly blacklist them...I just don't let them into
>>>> our
>>>> > network...and there are a few specific holes in that list for
>>>> legitimate
>>>> > servers that I know about.
>>>> >
>>>> > Spamhaus, however, are Nazis and should be sued.
>>>> >
>>>>
>>>> Why you say Spamhaus are Nazis? I use they services for many months
>>>> now.
>>>> Is there something that I don't know?
>>>
>>> Yes. God help you if you ever get on their list. It's damned near
>>> impossible to get off--even if you were incorrectly listed or can prove
>>> whatever was wrong has been fixed.
>>>
>>> They provide NO mechanism to unlist yourself or submit your site for a
>>> check (or didn't last time I checked), and if you were unfairly listed,
>>> they offer no apologies if they do take you off.
>>>
>>> Their blocks can be draconian...I've seen them list an entire /19
>>> network because ONE server had been compromised.
>>>
>>> I applaud their efforts, but the way they do things is really, really
>>> bush league. If you're going to label someone as a spammer based on
>>> someone else's say-so, you'd better provide ways to get off the list if
>>> you've been put on it. They don't, and that's why I consider them
>>> Nazis.
>>>
>>>
>>> ...ir attitude is "F*ck you...you're a spammer and will
>>> always be a spammer
>
>
>> Any comments on http://www.spamcop.net ? They seem to be working well
>> for
>> me. I can watch /var/maillog and watch spam being rejected all day.
>> Here's
>> one from a few minutes ago...
>
>> Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay,
>> arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte
>> l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see:
>> http://spamcop.net/bl.shtml?24.232.54.88
>
>
>> Harold
>
> hm, spamcop blocks too many addresses for me. so, I often
> got no mails from friends that send from big nets (like strato.de,
> aol.de, 1und1.de and so on). so I don't use it anymore.
>
> try these ones:
> dul.maps.vix.com, relays.orbs.org, opm.blitzed.org, rfc-ignorant.org,
> cbl.abuseat.org
>
> or if you have one more that's very good, just give me a hint :)
>
> thx & cheers
> oliver
>
>
>
>
>
I've only had trouble with one mailing list I subscribe to getting listed
on spamcop. I added this:
connect:mit.edu OK
to /etc/mail/access
A little more user friendly way to "whitelist" senders would be nice, but
this worked.
Harold
--
FCC Rules Updated Daily at http://www.hallikainen.com - Advertising
opportunities available!
More information about the Redhat-install-list
mailing list