On Mon, Dec 20, 2004 at 08:45:48PM +0100, Nick Askew wrote:
Hi,
I have MDaemon installed and lately it has been working wonders to reject spam. However I've noticed that all it does is bounces the mail back to the person who supposedly sent it. Now we all know that it is almost always some innocent address or a fake address and so best case the bounce is pointless and worst case some innocent person is being bombarded with mails.
AFAIK most daemons respond with a 5xx error when it gets a successful surbl result. I dont see this as being any different than normal RBL's which give an error on connection.
I'm relatively new to all this so please forgive me if this has been suggested before or indeed if it is simply possible with other mail servers. It occurs to me that we could list the various abuse addresses of the ISP hosting the black listed site and this could be returned when a match is found. If the server software then bounced the mail not to the sender but to the abuse address we would seriously start to affect these ISP's.
Most of these domains either dont have abuse addresses, nor care about any abuse email that rolls their way (the're just dummy domains who only exist for a month to spam, then die).. What you are suggesting is going to result in my server queueing the message (rather than just returning a 5xx half way through the SMTP conversation) and sending it to a (probably bogus) abuse address, which will bounce..
It seems to me this is not like the lycos solution because we are only sending a mail when we receive a mail that mentions a spam url. The result is that the more spam they send the more mails they receive from us, the less spam they send the less mail they will receive and no innocent addresses are affected.
The 5xx response goes back to the senders SMTP server, its up to that server what it wants to do it. It can silently drop it, or bounce it to the sender.
A better solution would be to have the mailer daemon do a wget on the URL in question once it gets a surbl hit.. Thats more of the Lycos solution.. heh
There is a drawback to SURBL and that is that someone could end up black listed wrongly. This mechanism would add insult to injury but lets face it if I wanted to get at xyz.com I'd send out a bunch of spam as if it came from jdoe@xyz.com advertising xyz.com and wait for the them to appear on the black list and then send out more spam and now watch their ISP get really upset with them as the bounced messages end up with them.
Thats true, but all blacklists AFAIK have to be manually added... Thats (i think) how things like this are dealt with.
Frank