Mailinglist Archive: opensuse-security (88 mails)

< Previous Next >
Re: [suse-security] ezmlm warning
  • From: "Michel Messerschmidt" <lists@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 4 Apr 2006 08:03:56 +0200 (CEST)
  • Message-id: <16477.195.124.114.37.1144130636.squirrel@xxxxxxxxxxxxxxxxxxx>
Adi Pircalabu said:
> Michel Messerschmidt wrote:
>> Not always.
>> Sometimes you want to reject messages as spam based on certain
>> well-known
>> (at least for a small timeframe) source IPs, FROM or RCPT-TO addresses
>
> All due respect, you're wrong here. Bouncing is evil, it can fill up
> your bandwidth, and, somtimes, the bounce ends in the wrong place. You
> can also hit and annoy enough recipients (victims in this case) to get
> listed in various RBLs all over the net.

I fully agree with this. Once you use unverified addresses to activly
send out automated mails, you've lost. But this only concerns bounces
created by your own server in response to some (probably faked) addresses.
I was talking about an SMTP reject that leaves the responsibility at the
sending mail server - the one that really connected to your server (see
the example at http://en.wikipedia.org/wiki/Bounce_message for the
difference).


> Well, how do you reduce the load of a mailserver by bouncing spam?
> Here is the scenario: the message hits your mailserver and is analyzed.

I know one case where the mail analysation (spam/virus) caused too much
load and crashed the server :)
The *temporary* reject of unknown origins exceeding a certain connection
request rate may solve this problem.



--
Michel Messerschmidt, lists@xxxxxxxxxxxxxxxxxxxxxxx

$ rpm -q --whatrequires linux
no package requires linux

< Previous Next >