Mailinglist Archive: opensuse-security (183 mails)
| < Previous | Next > |
Re: cracked system?
- From: Markus Gaugusch <markus@xxxxxxxxxxx>
- Date: Mon, 16 May 2005 18:32:43 +0200 (CEST)
- Message-id: <Pine.LNX.4.61.0505161803300.22898@xxxxxxxxxxxxxxxxxxx>
On May 16, Christian Boltz <suse-security@xxxxxxxxx> wrote:
> I'm not sure if I really want SPF...
>
> I like to use one SMTP server for all my mail adresses - most are
> @cboltz.de (which is the server I use for sending mails), but I also
> have adresses @web.de and @nexgo.de.
> GMX already classifies my mails with From: ...@xxxxxx as spam because I
> don't use the web.de SMTP server. Hey, cboltz.de is definitively not an
> open relay and has a static IP, so where's the problem?
You send mail from an IP that clearly does not belong to the owner of that
domain. This is the major problem with email: Everyone can send from
everywhere with every address. SPF is an attempt to solve that.
In your case, you could use a transport table entry in your mail server
and send all gmx mails to gmx and still use your server as central mail
sending hub.
> [greylisting]
> > The idea is quite simple: you temporarily reject *all* e-mail from
> > every SMTP client you haven't spoken to in a while [...]
>
> Greylisting sounds good, at least for blocking viruses.
> (Don't ask me if it really helps blocking spam, but I don't think so :-(
Greylisting has helped me a LOT, except for nigeria connection type spam,
because they (ab)use public webmail services.
Markus
--
__________________ /"\
Markus Gaugusch \ / ASCII Ribbon Campaign
markus(at)gaugusch.at X Against HTML Mail
/ \
> I'm not sure if I really want SPF...
>
> I like to use one SMTP server for all my mail adresses - most are
> @cboltz.de (which is the server I use for sending mails), but I also
> have adresses @web.de and @nexgo.de.
> GMX already classifies my mails with From: ...@xxxxxx as spam because I
> don't use the web.de SMTP server. Hey, cboltz.de is definitively not an
> open relay and has a static IP, so where's the problem?
You send mail from an IP that clearly does not belong to the owner of that
domain. This is the major problem with email: Everyone can send from
everywhere with every address. SPF is an attempt to solve that.
In your case, you could use a transport table entry in your mail server
and send all gmx mails to gmx and still use your server as central mail
sending hub.
> [greylisting]
> > The idea is quite simple: you temporarily reject *all* e-mail from
> > every SMTP client you haven't spoken to in a while [...]
>
> Greylisting sounds good, at least for blocking viruses.
> (Don't ask me if it really helps blocking spam, but I don't think so :-(
Greylisting has helped me a LOT, except for nigeria connection type spam,
because they (ab)use public webmail services.
Markus
--
__________________ /"\
Markus Gaugusch \ / ASCII Ribbon Campaign
markus(at)gaugusch.at X Against HTML Mail
/ \
| < Previous | Next > |