[Asrg] where the message originated (was: DKIM role?) (SM)
Ian Eiloart
iane at sussex.ac.uk
Mon Jan 19 03:52:20 PST 2009
--On 15 January 2009 11:17:16 -0500 Rich Kulawiec <rsk at gsp.org> wrote:
> On Thu, Jan 15, 2009 at 02:57:59PM +0000, Ian Eiloart wrote:
>> Now, given that I haven't yet published SPF or DKIM records, I still get
>> lots of spam bounced into my domain. Who do I blame?
>
> Oh, that's easy. You blame the people running badly-broken mail systems
> that bounce instead of rejecting. Their IP addresses are contained
> in your logs and in the headers of the backscatter you're getting.
Well, that's the traditional answer. However, I don't now think that it's
reasonable. I *could* be publishing SPF records to tell them that the email
isn't from me, but I'm not. I MUST shoulder some of the responsibility.
>
> Fixing this problem is a straightforward exercise modulo a few edge
> cases -- but the practical impact of those edge cases can be minimized
> by judicious use of simple tools and procedures (e.g., cron, make, rsync).
>
> (Example: one of the common problems of this type comes up in multi-tier
> mail systems lacking LDAP or another directory service. The problem
> arises when an address becomes invalid on the internal system but is
> still considered valid on the external MXs. One easy solution to
> this is to use a script to grab the current-list-of-valid-addresses
> from the internal system at intervals, process it, and then rsync
> it out to the external MX's. This reduces possible backscatter due
> to this problem to "the set of recently-removed addresses" and further
> to "the subset of those receiving forged-sender mail during the
> interval between updates". It's thus possible to reduce the
> probability of backscatter arbitrarily by reducing the interval.)
>
> ---Rsk
> _______________________________________________
> Asrg mailing list
> Asrg at irtf.org
> http://www.irtf.org/mailman/listinfo/asrg
--
Ian Eiloart
IT Services, University of Sussex
x3148
More information about the Asrg
mailing list