[clue-admin] Fwd: [spry.com #430594] [SpamCop (64.79.210.234)
id:3189128524]The results of your email commands
Jed S. Baer
cluemail at jbaer.cotse.net
Fri Jun 13 20:27:16 MDT 2008
On Fri, 13 Jun 2008 19:50:09 -0600
David L. Anselmi wrote:
> I'm pretty sure the bounce came from us. Spamcop can probably tell
> that they got a bounce they didn't ask for so I suspect they're in the
> right about this.
Yes, the bounce came from us. That part is unsurprising, considering that
that's how the lists are set up. What bugs me is that really, there's no
way to "win" this. That's why joe-jobs are worse than other spam. We
didn't "orginate" this, unless we've been r00tkitted again, or there's an
exploitable bug in postfix or Mailman. We try to run a polite list, where
we have the list inform people they have to be subscribed. I don't think
we deserve to be RBL'd, but Spamcop might do that.
So, we either set the lists to send unsubscribed messages to moderation,
or just drop them. Moderation won't work, because nobody will want to do
that job.
> Is it time to have Barb Dijker come give a talk on preventing spam?
> Maybe it was FRUUG I heard her at rather than CLUE or BLUG.
Barb spoke to CLUE in 2001 or 2002. But I think we need more in-depth
help than a 1-hour CLUE presentation.
FWIW, I guess I'll start learning Postfix. Some of the articles out there
are too outdated to be of use, and I might, on occasion, b0rk the mail
server temporarily as I learn by doing, but we can't just let this sit.
I'm still hoping to hear back from Chris Hirsch. I figure that blocking
dialup netblocks, using a couple RBLs maybe, requiring legit HELO/EHLO
messages, and other such will help a lot. And it'll weed out the volume
of crap needing to be filtered by Spamassasin, which I think we should at
least investigate. No idea how long all this will take me. If someone has
a good, up-to-date, Postfix book to loan, that'd be nice.
I'll also set the lists to drop unsubscribed messages -- I think that's
possible. It'll suck for a few people a few times here and there. But
it'll be time-efficient, and I think that's what we need.
I have a friend who's a security geek, and quite knowledgable about
Linux, as well as other OS's -- I'd hate to have him attacking my
network, but fortunately, he's a good guy. I'll probably hit him up for
some advice too. We're not behind Linux-ETCs firewall any more, and we
ought to be paying more attention to security.
jed
More information about the clue-admin
mailing list