Anti-spam SMTP mods

Jonathan Hutchins hutchins at tarcanfel.org
Fri Mar 12 21:21:38 CST 2004


On Friday, March 12, 2004 02:25 pm, Rex Deaver wrote:

> I much prefer the method used by MailWasher, don't
> know if it is available for Linux, but shouldn't be
> hard to do. You view your email while it is still on
> the server, select the spam, the good stuff is
> delivered and the bad stuff is bounced as if the email
> address was invalid. 

The problem with bouncing the messages, especially after they are received, is 
that the "bounce" typically sends the message as an attachment to a message 
from you or your mailserver, and uses the "From:" or "Reply-To:" header in 
the spam.  These headers are almost universally forged now, so you end up 
sending your "bounce" to some other poor user.  Since the bounce message 
appears as a message from you or your mailserver's administrator, both of 
which are valid addresses, it can bypass some of the security checks.  

At the least, these bogus bounce messages are just more annoying spam - this 
time generated by you.  At worst, they can bring a destructive payload 
through inadequate security, in which case YOU end up being the person who 
sent the damaging email.

A better thing to do with verified spam is to a) use it to train Bayesian 
filters, and b) possibly report it to a system like Vipul's Razor, which 
maintains a database of spam signatures.

Bouncing was a good idea when it most often meant a problem with a destination 
mailbox.  In these days of spam and trojans, it's no longer a good policy.
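
An added illustration of the point made in the message above, not part of the original post: it shows where a post-delivery "bounce" built from Reply-To/From would go, next to the host that actually delivered the message, and files the spam for filter training instead of bouncing. The sample message, all addresses, and the function names are constructed for this example, and the host/domain comparison is only a rough heuristic.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: spam delivered by one host, with forged From/Reply-To.
SAMPLE_SPAM = """\
Received: from dsl-203-0-113-7.example.net (dsl-203-0-113-7.example.net [203.0.113.7])
\tby mail.example.org with SMTP; Fri, 12 Mar 2004 20:01:02 -0600
From: "Alice" <alice@victim.example.com>
Reply-To: alice@victim.example.com
To: user@example.org
Subject: constructed sample

body
"""

def naive_bounce_target(raw):
    """Address a post-delivery 'bounce' would go to: Reply-To, else From."""
    msg = message_from_string(raw)
    header = msg.get("Reply-To") or msg.get("From", "")
    return parseaddr(header)[1].lower()

def delivering_host(raw):
    """Host named in the topmost Received header (written by our own server)."""
    received = message_from_string(raw).get_all("Received") or []
    m = re.match(r"\s*from\s+(\S+)", received[0]) if received else None
    return m.group(1).lower() if m else ""

def handle_verified_spam(raw):
    """Never bounce after acceptance; record who a bounce would have hit."""
    target = naive_bounce_target(raw)
    host = delivering_host(raw)
    domain = target.rpartition("@")[2]
    # Heuristic only: legitimate mail can also arrive from unrelated hosts.
    related = bool(domain) and (host == domain or host.endswith("." + domain))
    return {
        "action": "train_filter",          # e.g. feed to a Bayesian filter
        "bounce_sent": False,
        "would_have_bounced_to": target,   # the forged, uninvolved address
        "delivered_by": host,
        "target_unrelated_to_sender": not related,
    }

if __name__ == "__main__":
    print(handle_verified_spam(SAMPLE_SPAM))
```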



