Bob McClure Jr wrote:
> On Tue, Jul 22, 2008 at 11:37:39AM -0400, Kevin Parris wrote:
> <snippage>
>> The spammers are spending other people's money, since much of their
>> "work" is done by hijacked machines, thus they do not care how
>> 'expensive' their project might be, and any responses they do get
>> are practically pure profit. So to probe a million targets and find
>> even one vulnerable is "worth the trouble" since it is not their own
>> trouble.
>>
>> The flaw in your logic is that you are thinking logically, working
>> from the premise that any intelligent administrator (such as
>> yourself) would never create a machine that is susceptible to this
>> particular attack. Maybe YOUR server is not a viable avenue for the
>> spammer, but there are SO many servers out there - finding a few
>> that ARE viable is almost a certainty, since some people who connect
>> systems to the internet are not so well-informed as we here.
>>
>> I believe that until a technique is discovered to eliminate
>> ignorance and gullibility from the human population, there will be
>> no solution to the spam problem.
>
> If I may extend this OT thread, I'd like to know how draconian admins
> get with their mail servers. Without considering RBLs, how much do
> you limit client connections:
>
> Allow only those with (PTR and/or A) DNS records?

unfortunately, this would
- block silly networks with misconfigured DNS, but from which you still
  want to get mail.
- delay (or block, depending on your implementation) good networks in
  case of DNS problems. (the dspam domain was once under DDoS. delaying
  their _solicited_ mail is not really nice).

> Allow only those with MX records?

if the envelope sender domain has no MX nor A record (or has an invalid
or borked MX), you can block. but this doesn't catch much junk. It does
however catch legitimate mail in case of misconfiguration.

> I figure only the latter will be the Final Solution to spam.

final what? fussp?
since spammers forge the sender, sender checks don't buy you much.

> But
> there are probably only two chances of that - slim and none.
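
The two checks discussed in this message (PTR/A on the connecting client, MX/A on the envelope sender domain), sketched as an added example that is not part of the original thread. The DNS table, the host names and the `strict` switch are constructed for illustration, and reply codes are simplified to 250 (accept), 450 (delay) and 550 (block).

```python
# Constructed DNS data standing in for a resolver (assumption, not real zones).
# Value: list of answers, [] for "no such record", None for SERVFAIL/timeout.
DNS = {
    ("192.0.2.10", "PTR"): ["mail.example.org"],
    ("mail.example.org", "A"): ["192.0.2.10"],
    ("example.org", "MX"): ["mail.example.org"],
    ("198.51.100.7", "PTR"): [],                        # no reverse DNS at all
    ("203.0.113.5", "PTR"): ["host.example.net"],
    ("host.example.net", "A"): ["203.0.113.99"],        # forward does not match
    ("203.0.113.20", "PTR"): None,                      # resolver timeout
    ("nomx.example", "MX"): [],
    ("nomx.example", "A"): ["192.0.2.44"],              # no MX, but A exists
    ("borked.example", "MX"): ["gone.borked.example"],  # MX target has no address
    ("ddos.example", "MX"): None,                       # zone unreachable
}

def lookup(name, rtype):
    return DNS.get((name, rtype), [])

def check_client(ip, strict=False):
    """PTR plus forward-confirming A check; strict=True blocks instead of delaying."""
    names = lookup(ip, "PTR")
    if names is None:
        return 450, "temporary DNS failure"   # never hard-fail on a DNS outage
    fail = 550 if strict else 450
    for name in names:
        addrs = lookup(name, "A")
        if addrs is None:
            return 450, "temporary DNS failure"
        if ip in addrs:
            return 250, "PTR and A agree"
    return fail, "no PTR, or PTR does not forward-confirm"

def check_sender_domain(domain):
    """Envelope sender domain must have an MX or A that resolves."""
    mx = lookup(domain, "MX")
    if mx is None:
        return 450, "temporary DNS failure"
    for host in mx or [domain]:   # no MX: fall back to the domain's own A
        addrs = lookup(host, "A")
        if addrs is None:
            return 450, "temporary DNS failure"
        if addrs:
            return 250, "sender domain can receive mail"
    return 550, "no usable MX or A record"
```

The split between 450 and 550 is the "delay or block" choice from the reply above: a resolver outage always yields a delay, so only a definite negative answer can cause a block.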