| 1 |
Hi Ramon, |
| 2 |
on Tue, Sep 23, 2008 at 11:45:41PM +0200, you wrote: |
| 3 |
> I would recommend not to implement such a tool. |
| 4 |
> |
| 5 |
> 1) I wouldn't send you mail anymore if you made me jump through hoops to |
| 6 |
> confirm that me is actually I. |
| 7 |
> 2) I personally think it's a stupid way of dealing with the problem |
| 8 |
> 3) I can't see any way to get them to work with lists |
| 9 |
|
| 10 |
I agree that this is not a good solution, however there is a pretty |
| 11 |
simple rule that would make any such autoresponding tool work with |
| 12 |
mailing lists: just don't reply to anything with a "Precedence: bulk" |
| 13 |
header. Of course while that's a failsafe way for out-of-office |
| 14 |
programs, you'd need to effectively whitelist bulk mails, giving |
| 15 |
spammers the possibility of bypassing your filter. They're not very |
| 16 |
likely to do that but it's a small part of why this "solution" is |
| 17 |
bad. |
| 18 |
Once in a while we come across a customer with such a system at work |
| 19 |
(ISP abuse dept.), and it's usually not very nice. Our ticket system |
| 20 |
sends some notification (like "You've probably been hacked/have a |
| 21 |
trojan, check this and that"), the autoresponder comes back with "please |
| 22 |
confirm your mail by doing XY") which a) pisses off the operator because |
| 23 |
they have to manually check the ticket and b) probably doesn't work |
| 24 |
anyway because that the ticket system (having an automatically-set |
| 25 |
subject and stuff like that) can't do it anyway. So the account will |
| 26 |
likely be locked and we just wait for the customer to call. |
| 27 |
What you can easily do, in order of personal (well, I don't run my own |
| 28 |
mail server any more) preference: |
| 29 |
- block dialup ranges |
| 30 |
- use IP blacklists like SORBS |
| 31 |
- use SpamAssassin, possibly with more blacklists like SURBL |
| 32 |
- check DomainKeys and/or SPF headers for scoring |
| 33 |
- use greylisting |
| 34 |
|
| 35 |
cheers, |
| 36 |
Matthias |
| 37 |
-- |
| 38 |
I prefer encrypted and signed messages. KeyID: FAC37665 |
| 39 |
Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 |
Archives