El 21 May 2004 a las 17:33, Chr. von Stuckrad escribi�: > On Fri, May 21, 2004 at 12:10:49PM -0300, Mariano Absatz wrote: > > Now, one of the things people do to avoid being identified as spammers is > > to > > manually use their hotmail or yahoo accounts. > > > > As I just witnessed a most innocent message hit by various RBLs, after > > confirming the message was actually sent via webmail I noticed Yahoo and > > hotmail are adding a sintactically valid trace header > > (Received:) stating the IP address from where it received the > > message: > ...[example removed]... > > To me this looks like an even more general problem! > > Horde-IMP (typical small wemailer) does the same, it > adds a received-Line, which IP inserted the mail via > Web-Browser. > > So IF some host is banned via RBL, it's banned via > webmail too, and if Providers add the same line for > authenticated SMTP, it would simply be impossible > to mail from 'Home'/Dialups AT ALL! > > So it seems to be a general BAD THING to add the > IP-of-sending-host IF the sender ist fully authenticated > by an account! (How to explain that to the Providers > and Authors of MTAs?) > > Stucki (postmaster at mi.fu-belrin.de)
Mmhhh you're right... in fact I'm doing the same thing with my SMTP authenticated users... I just found this thread http://marc.theaimsgroup.com/?t=108386957400002&r=1&w=2 that is totally related to my problem... I'm using zmailer + MailScanner + SpamAssassin... I don't think I'll be able to convince hotmail, yahoo, and the developers of MTAs and webmail servers into changing their headers real soon, so I'm evaluating some alternatives... I could eliminate all RBL checking, but I really don't want to... I'm happy doing RBL within SA and not within MailScanner or ZMailer, since I'm able to fine tune some things (if I did it within MailScanner, it'd be spam if any configured RBL hit, if I did it within ZMailer, not only that, but I'd be rejecting the message altogether)... Regretfully, I'm not at all in a postion to say "if the offending ISP doesn't fix their filtering policies we don't accept mail from them", because a lot of our customers would start considering our antispam service a disservice... maybe that will change, but not too soon. Now... this server act ONLY as an MX server... that is I only accept messages for our domains and our own customers relay thru other server. Do you think it'd be correct to change every eval:check_rbl() and eval:check_rbl_sub() to include the '-notfirsthop' modifier? If I understand correctly, if a message is sent directly from an open proxy to my server, I'd be checking it anyway, but if it properly relays thru another server, then I'd be checking the relaying servers and not the originating one... If the relaying server(s) were open proxyies or open relays, then they should also be blackslisted and they'd be hitting. Is my reasoning and understanding correct? Does anyone think I'm doing something very wrongly by doing this? Thanx a lot. -- Mariano Absatz El Baby ---------------------------------------------------------- A flashlight is a case for holding dead batteries.
