From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1KiFhi-0005Ff-7j for garchives@archives.gentoo.org; Tue, 23 Sep 2008 21:45:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DB449E03B1; Tue, 23 Sep 2008 21:45:53 +0000 (UTC) Received: from ramonster.vanalteren.nl (cust.92.104.adsl.cistron.nl [195.64.92.104]) by pigeon.gentoo.org (Postfix) with ESMTP id 8F16DE03B1 for ; Tue, 23 Sep 2008 21:45:53 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by ramonster.vanalteren.nl (Postfix) with ESMTP id 4C07D38047 for ; Wed, 24 Sep 2008 01:03:11 +0200 (CEST) X-Virus-Scanned: by amavisd-new at vanalteren.nl Received: from ramonster.vanalteren.nl ([127.0.0.1]) by localhost (ramonster.vanalteren.nl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9TZADr0GN9QG for ; Wed, 24 Sep 2008 01:03:06 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by ramonster.vanalteren.nl (Postfix) with ESMTP id DECE03812B for ; Wed, 24 Sep 2008 01:03:05 +0200 (CEST) Received: from hurin.local (unknown [62.140.137.30]) (Authenticated sender: ramon@vanalteren.nl) by ramonster.vanalteren.nl (Postfix) with ESMTP id CB59238047 for ; Wed, 24 Sep 2008 01:03:04 +0200 (CEST) Message-ID: <48D96385.2070305@vanalteren.nl> Date: Tue, 23 Sep 2008 23:45:41 +0200 From: Ramon van Alteren User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070807) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] SPAM protection by requesting confirmation References: <000201c91cc6$e3ef8f80$9700000a@dbshzbmemjzd2d> <48D7B8F9.8090009@gentoo.org> <200809221953.59988.bangert@gentoo.org> <20080923192534.GF1757@home.power> In-Reply-To: <20080923192534.GF1757@home.power> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 7696e0ce-e83f-4923-b6e1-b23e804c85b8 X-Archives-Hash: 0493e4aed9a3262b7de283344d4774d6 Alex Efros wrote: > Hi! > > On Mon, Sep 22, 2008 at 07:53:57PM +0200, Thilo Bangert wrote: >> i've heard of cases, where spammers used the subscribe address of >> mailinglists as envelope sender. an out-of-office reply is sent to the >> subscribe address from the target of the spam - the mailing list software >> sends a confirmation mail - the autoresponder correctly authorises the >> the subscription request. >> >> ...but then again, thats what you get for sending out-of-office >> autoresponses. > > Sorry for OT, but I wanna install spam-protection tool based on > confirmation email request (somebody send me email, my tool delay that > email and automatically reply requesting confirmation, he confirm, my tool > receive that confirmation and: 1) add his email to while-list; 2) deliver > his initial email to my mailbox). I'm aware about several such tools, but > I'm not sure how they handle incoming emails from other robots - like mail > lists, or some news subscriptions and notifications from websites. > > I just don't wanna put myself in position like other people who spam > maillists I read with senseless messages from their tools like > autoresponders or so... > > Can anybody recommend me tool which is able to correctly handle these cases? > To be honest, I don't see a way to realize this feature... :( > Ability to protect all accounts at our email domain is good to have, but > personal-only tool is acceptable too. (I use qmail, if this is important.) > I would recommend not to implement such a tool. 1) I wouldn't send you mail anymore if you made me jump through hoops to confirm that me is actually I. 2) I personally think it's a stupid way of dealing with the problem 3) I can't see any way to get them to work with lists 1) and 2) are obviously very personally biased & opinionated :-) Judging from the mail/spam volumes at my work, you might be very happy if you just implemented grey-listing. This basically tells every new sender of email (or email-address, depends on implementation) to go and come back in 5 minutes. It sends a 4xx status code, which tells the sender that the mailserver is currently unable to accept mail, but will do so in a short while. Most greylisting tools automaically whitelist senders if they come back for a configurable period of time. Since most spammers, virii and other bogus mailsenders do not implement a full queue-ing system to redeliver mail at a later time if they receive a 4xx response they bugger off to harass other poor souls on the internet. Since most legit mailsenders actually use a mailserver with a queueing system they resend the mail within the specified period and mail gets delivered. As a bonus, it's absolutely low-impact on your mailserver wrt performance. Dropped spam ratio with > 60% for me, the rest is taken care of by the usual combination of (automated) blacklisting and spamassasin. If you use postfix it is as simple as emerge postgrey and go read the manual. Just my 2 cts Ramon