On Sat, Aug 11, 2007, Ira Abramov wrote about "Re: @iglu list address no longer working": > > I'll make it as short as possible: if iglu.org.il accepts and forwards all > > incoming mail to a certain alias to to [EMAIL PROTECTED], which considers > > iglu.org.il a somewhat trusted host, that effectively turns iglu.org.il to > > well DUH of course it circumvents RBL tests for HUJI but
Let's not regurgitate over-simplifications and falsehoods (Ira, I'm not saying that you started this regurgitation or falsehoods - it goes through this entire thread as a "god-given truth", when in fact it is not god-given and not the truth). The easiest way to install an RBL test is to just look at the mail's incoming IP address. This is of course the easiest way, but NOT the CORRECT way. The correct way is to take into account legitimate forwarders, which you know are forwarding mail FOR YOU (these are not generally open relays - just relays for your mail). When you see a mail coming from such a forwarder's IP address address, you strip this Received: line, and look at the next Received: line and use that in your RBL test. Right, this complicates things, and means that you have to look at the entire message (you can't just close a connection before even starting to get the mail), but duh, spam complicates things. But if you do it this way - the right way - then all you need to do is to tell your configuration that iglu.org.il legitimately forwards mail to [EMAIL PROTECTED], and everything will be great, and you won't have to modify your configuration. You're worried that "huji.ac.il" won't let you change the configuration of their entire mail server for just one mailing list? Well, YOU DON'T HAVE TO. You can configure a separate spam filter (spamassasin, or whatever you choose) on just the [EMAIL PROTECTED] account, with its own filtering rules. > a. it would make a lot of sense installing RBL checks on iglu as well. It might, but then again, Huji will not be able to control these checks, and if these checks are too lenient (or vice versa, too strict), nobody in huji will be able to control it. In the way I suggest, everything remains entirely under Huji control. > b. it still won't explain why sending to the old iglu.org.il address > just eats up the message wihout sending a bounce that the address > either does not exist or that it has moved to huji. > I'm not blaiming you for the latter, this is of course directed to > whoever is in charge of the iglu machine. Actually, Ira, there's an issue with such replies: Noadays, most spam comes with falsified "from:" addresses, which are the addresses of random real people. So when you send such bounces to spam mails, innocent people get them. Some days I get about a dozen such "my address has changed", "you sent me spam", etc., messages a day, just because spammers used my address as From: I'm not saying there shouldn't be such a message (maybe there should), but this is an important implication to consider. -- Nadav Har'El | Sunday, Aug 12 2007, 28 Av 5767 [EMAIL PROTECTED] |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |Snowflakes are very fragile, but look http://nadav.harel.org.il |what they can do when they stick together! ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
