Hello Mean, On Wednesday, December 4, 2002 at 4:56:49 AM you [MD] wrote (at least in part):
>> So I, as postmaster, would be receiving bounce messages from users who >> have been spoofing my return address and routing? That'll get them >> kicked off the system as fast as I can dig up my logs. > With the number of bounced messages on the net, do you really think > that the postmaster address is going to be monitored Definitely yes! RFCs not only recommend, but require postmaster@ being a active and read address per domain. > and someone is going to make a living of studying bounced messages Yes. It might be a male function in mail server if a message bounces. With routine you get used to 'misaddressed' messages and learn to recognize them quickly, but nevertheless every single mail in postmasters mailbox is inspected by myself. > and finding out if it was a spoofed email addy that caused it. If I stumble over a mail that was bounced because "the address does not exist" in the domain I'm responsible for I do have a look if this is true. If the address does not exist further bounces, telling about the same address are deleted. If the address exists, but the bounce says No I dig, WHY the message was bounced. Figuring out the spoofing is child's play, as the headers let easily guess _who exactly_ sent the bounce. > No one has taken Mailwasher to court...I guess when it comes to > fighting spam, a little flexibility is expected. I'm sorry for being forced to disillusionate you, but this "faking bounces" ain't "fighting spam" even in the slightest way. It has nothing in common with any successful "spam fighting technology", the effect of bounces and faked bounces on amount of spam is near to zero, not measurable. If you want flexibility in fighting spam make use of RBLs and systems like SpamAssassin (like!!! there might be others that work in a similar fashion. I don't want to break it down on SA being "the one"!). Flexibility too is a patch I applied for example to qmail, that allows to deny mails from and to addresses specified by regular expressions. I do get a lot of spam on one domain I'm technically responsible for on addresses like [EMAIL PROTECTED] and [EMAIL PROTECTED] Denying mails to "support\d+@" on SMTP level decreases the amount a lot. THAT is flexible, not "annoying innocent postmasters" (especially the one from your own ISP!) by filling their inbox with those ineffective doublebounces ('double' because in 99% your "bounce" will bounce itself and the so called double bounce will end up in postmasters mailbox). I'm in a lucky position: if one of our customers would come to the idea to use a system like Mailwasher for creating "faked bounces" I'd phone him, please him to stop this stupid behavior and if he don't I'd forward _every single_ double bounce to his mailboxes. ISP might not be able to do so, because of to many different customers. But there the problem is located: ISP can't direct the double bounces to the originator and they can't fire all customers. So the result is: postmaster@ _will_ become read less and lesser. You might think: who cares? I, and many others, do. THIS is one of the _really few_ addresses you (yet) can be sure to reach somebody in case of a technical problem with the MTA. As time goes by and this mailbox is more and more unread or feeded to /dev/null it get's unusable. So where to direct a problem to, if you're no customer, but only recognize a problem between your MTA and the other one? So all you reach with these dubious practice is lowering the quality of technical background of the Internet: 1.) waste of bandwidth - I know you're bounces aren't big, but sum them _all_ up. It will make a significant amount of traffic. 2.) decrease of read postmaster mailboxes, which will earlier or later significantly cumber solving of problems, because of an artificial barrier for contacting a technical responsible. -- Regards Peter Palmreuther (The Bat! v1.62 Beta/17 on Windows 2000 5.0 Build 2195 Service Pack 1) Do not believe in miracles--rely on them. ________________________________________________ Current version is 1.61 | "Using TBUDL" information: http://www.silverstones.com/thebat/TBUDLInfo.html