Charles Gregory wrote: > On Fri, 8 Aug 2008 [EMAIL PROTECTED] wrote: >>> telnet isps-server 25 ... HELO bogus ... MAIL FROM:<[EMAIL PROTECTED]> >>> telnet victims-server 25 ... HELO isps-server ... MAIL FROM.... >>> If victim's SMTP server fails the DATA with a 5xx code, then >>> backscatter goes [EMAIL PROTECTED] >> .... it is not my problem what the ISP's mail server >> does with it after I send a 5xx. > > Well, first of all, yes it IS. It's *everyone's* problem. That forged > address could be on *your* server, and *you* get the backscatter from some > other victim system that also "doesn't care what the ISP does with it"... >
Heh, everyone is entitled to their opinion. Mine just happens to differ from yours. I have been at the other end of backscatter and it is by no means fun but when it happens I am fully capable of taking measures against as I would any other spam/virus source. This is where RBLs come in handy. >> If anything it encourages the ISP to virus filter their users and take >> care of abuse problems rather then silently sweeping them under the >> rug. > > Begging pardon, but just because someone uses a standard postfix config > and follows the standard 'recommended' practice of listing dial-up IP's as > 'trusted clients' does not mean they are 'sweeping' anything under their > 'rug'. It is just a choice made to minimize the performance hit of > scanning and filtering mail that is 99.99+% valid. I meant to imply that when the ISP does not virus filter and the recipient silently drops the message the problem never gets resolved because nobody is made aware of it. The ISP customer will continue to be infected and continue to send out garbage. I suppose this is all based on the assumption that the ISP even cares. Cause as everyone knows *all* ISPs care. Right? ;) > So thank you all, for stirring up some good serious thoughts! It has been entertaining. Steven _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
