As the manager of a blocklist, I find myself strongly agreeing with
Larry and Keith.
Autoresponders are a nightmare - I see lots of brokenness every single
week. Including auto-responders with no headers that indicate the
message was an automated response at all. I had one last week that was
autoresponding to all sorts of forged spam with a notice that the user
had left the company.... in 2017.
> Thought did go in to this, really. My logic is “never reject when
you can use it to feed spamtraps”. :)
Then use a milter that can save the message at end-of-DATA and reject
the message at dot. You get to feed it to your spamtrap and the
internet will thank you for not adding to the problem of responding to
forged messages.
As for the reasoning behind a spammer going to the effort of VERP, it's
not exactly hard for them to do - what if there was some software or
service somewhere that treated messages sent with VERP differently to
regular messages? Maybe this spammer discovered this (and I'm sure
it's probably true somewhere) and uses it to improve their
deliverability to some places.
Kind regards,
Steve.
--
Steve Freegard
Senior Product Owner
Abusix Intelligence
On 07/11/2021 18:58, Dan Mahoney via mailop wrote:
On Nov 7, 2021, at 7:18 AM, Larry M. Smith via mailop
<[email protected]> wrote:
On 11/6/2021, Dan Mahoney (Gushi) via mailop wrote:
All,
I have email for my whole domain. I'm typically known to sign up
for services with vendor@mydomain, so that when an email gets
retired or leaked, I route it to /dev/null, or in the event of a
leak, retire it from the original place (say, [email protected])
and auto-route it to spam reporting and bayes learning.
One of my older ones: [email protected] was a general purpose one,
and thus for that one, rather than just routing it straight to
sa-learn, I put in an autoresponder saying "the spammers won this
address, if you really want to contact me, use this".
Here's the thing though.
Spam is coming to me with VERP'ed addresses. It's getting
autoresponded to. Those autoresponses are then bouncing back to me
as undeliverable.
So...you're a spammer. You're going to the trouble to do VERP.
You're throwing the responses on the ground, or even blocking their
receipt. Or your VPS got suspended (which I'm sure you saw coming).
What's the bloody point here? I mean, I know there doesn't have to
be one, buy I'f love to hear ideas as to what the possible use case is.
I mean, logically, one thing I could do is have my autoresponder
detect the verp'ed format to this address specifically, and not
attempt to respond to it (and in fact, I could report on/train on it).
The autoresponder is for legitimate humans trying to contact me
directly (i.e. nobody who will use verp). In the few years since I
realized this address was a lost cause, nobody's tried. (Although I
have started getting spam at gushi2015@domain, so that's some
intelligence).
You might find a better operational experience by just rejecting the
messages in SMTP post DATA with a URL for a whitelisting web page. E.g.;
I got the suggestion to reject at SMTP time from two different people.
I’ve been running mail for 20+ years now, and there was logic to why
I didn’t.
I can’t control the subject of nondelivery reports. Worse,
nontechnical users do not know how to read non-delivery reports. (Ask
me how I know). In my initial message, I had said that some number of
people used this address (remember, the LHS was danm@ not
somecompanyname@).
Ergo, I wanted to give some amount of time where mail would still come
through (and be captured) versus an outright reject. Thought did go
in to this, really. My logic is “never reject when you can use it to
feed spamtraps”. :)
-Dan
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
