In message <[EMAIL PROTECTED]>, 
"David W. Tamkin" <[EMAIL PROTECTED]> wrote:

>Ronald Guilmette told me,
>
>| You misunderstood.
>
>Thank you for explaining a little further, but I still don't understand.
>
>| The response would go back to the original mail sender... not to postmaster.
>
>So you do not notify the people operating the open relay that their relay is
>open...

Not directly, no.

Notifying the local users at the open relay site is better, because they
will complain and get action.  If you notify the local postmaster, he will
(just as often as not) merely scratch his <<unspecified body part>>, shrug,
and say to himself ``Yea... I gotta get that fixed.  Probably have time
to work on it in early August.''

> but rather you write to the originator ...
>Then the autoresponse isn't unsolicited, and I see that now;...

Good.

>while it may not come from an address to which the sender
>wrote, it was a report on the transmission of mail that he or she sent.  Now
>I understand...

Good.

>But I'm still puzzled.  What do you say in the autoresponse?  "You used an
>open relay"?

Probably something polite and friendly like:

        Dear End Luser,

        Did you know that your local mail system administrator is
        either as lazy as a sloth or else brain dead, or both?

        The local mail server you are using is open for rampant
        abuse by any Tom, Dick, or Spammer on the Internet, and
        this is due entirely to the fact that your local postmaster
        is either too lazy or too stupid to fix it.

        Regards,

        The Management

Well.... OK, so maybe it won't be phrased quite like that.  But you get the
idea.

>The sender already knows that...

No. 99 times out of 100, an end user at the sending site DOES NOT know
that his local mail server is an open relay.  In fact 90 times out of 100,
they won't even know what that even means exactly.  So we will just tell
them that their local mail server is f**ked up, and that they should tell
their local mail server admin about that ASAP.

>What, then, do you say to the sender...

See above.

>... and how can you be sure you're getting
>the real sender and not a victim of forged headers or forged envelopes?

Not my problem man.

Look, you are trying to make an issue out of a non-issue.

Sure, often spammers will send out (say) 100,000 messages, all with forged
sender envelope addresses of <[EMAIL PROTECTED]>.  In such cases,
what happens to all of those messages that are undeliverable?  An attempt
is made to bounce them back to <[EMAIL PROTECTED]> and those
attempts go nowhere.  Result?  No harm done, or else it all ends up in
the mailbox of the postmaster for the open relay server that got hijacked...
which serves him right for being such a dunce to run an open relay in the
first place.

But other times spammers will try to annoy and harass some anti-spammer,
e.g. <[EMAIL PROTECTED]> and will send out a big spam run with *this* address
forged onto all of the envelopes.  Result?  I get treated to maybe 50,000
bounces from messages that I never even originated.  This happens from
time to time, and it is actionable (legally) whenever it does happen,
because it is a clear Denial-of-Service attack on me and on my server(s).

So if everybody on the planet started using the kind of ``open relay
notifications'' I mentioned TOMORROW (which isn't likely, but we will ignore
that fact for the moment) then if a spammer hijacked a relay in Tasmania
_and_ put _my_ address on the outgoing spams, I would get 50,000 bounces
_and_ also (separately) 50,000 IMRSS open relay notifications.  Does this
make me really a whole lot worse off than if I _only_ got the 50,000 bounces??
Nope.  Not really.  I am drowning in a sea of crap either way, and it is a
Denial-of-Service attack on me either way.  In short, the addition of the
IMRSS notifications doesn't really make a big difference either way, even
in this highly unlikely scenario.

Bottom line is that (as I said) you are just nit picking.  This is a non-
issue.

>Also, if you aren't telling the operators of the open relay that their relay
>is open, does anybody tell them?

Presumably, the local lusers will, if not immediately, then eventually.

Eventually, they will get tired of receiving the notifications whenever they
send outgoing E-mail, and they will then bitch to the local mail system
admin to fix the problem.

Result?  The open relay gets closed, and that leaves one less open relay
on the net for spammers to screw around with.


-- Ron Guilmette, Roseville, California ---------- E-Scrub Technologies, Inc.
-- Deadbolt(tm) Personal E-Mail Filter demo: http://www.e-scrub.com/deadbolt/
-- FREE Web Harvester Protection - http://www.e-scrub.com/wpoison/ - Try it!
-- FREE DynamicIP Spam Filtering - http://www.imrss.org/dssl/ - TELL YOUR ISP!
