...making Linux just a little more fun!
Rick Moen [rick at linuxmafia.com]
Speaking of my strategy, here's me getting the sharp end of someone else being awfully militant -- and, in my view, overreacting to my system's spam-detection measures.
----- Forwarded message from Keith Burris <burriskm@lanetworks.com> -----Date: Fri, 13 Jun 2008 12:00:47 -0700 (PDT) From: Keith Burris <burriskm@lanetworks.com> To: rick@linuxmafia.com Subject: [Fwd: Mail delivery failed: returning message to sender]Hi, I'm sending this to let you know, if you're not already aware, that [198.144.195.186] is listed on the backscatterer.org RBL. We're kind of aggressive and block rather than increment the message's SA score. Usually that works OK but this is a case where it doesn't. I'll whitelist [198.144.195.186] on our end. I am a little surprised that you're using call backs, though. Keith-- Keith M. Burris, Partner LANETWORKS[[[ Phone numbers elided. -- Kat ]]]
---------------------------- Original Message ----------------------------Subject: [Fwd: Mail delivery failed: returning message to sender] From: "Lanet Khodabakhsh" <lanet@lanetworks.com> Date: Fri, June 13, 2008 11:29 am To: "Keith Burris" <burriskm@lanetworks.com>-------------------------------------------------------------------------- Can you help? -------- Original Message --------Subject: Mail delivery failed: returning message to sender Date: Fri, 13 Jun 2008 11:21:28 -0700 From: Mail Delivery System <Mailer-Daemon@lanetworks.com> To: lanet@lanetworks.comThis message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: karsten@linuxmafia.com SMTP error from remote mail server after RCPT TOkarsten@linuxmafia.com>: host linuxmafia.com [198.144.195.186]: 550-Verification failed for <lanet@lanetworks.com> 550-Called: 69.17.46.3 550-Sent: RCPT TO
Message-ID: <4852BA90.10609@lanetworks.com> Date: Fri, 13 Jun 2008 11:21:04 -0700 From: Lanet Khodabakhsh <lanet@lanetworks.com>Organization: LANETWORKSUser-Agent: Thunderbird 2.0.0.14 (Windows/20080421)MIME-Version: 1.0To: "Karsten M. Self" <karsten@linuxmafia.com> Subject: [Fwd: Re: Thank You!]Content-Type: multipart/alternative; boundary="------------090309080101000600010403" X-Spam-Score: 0.2 (/) X-Spam-Report: Spam detection software, running on the system "shaun.lanetworks.com", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see The administrator of that system for details. Content preview: resending mssg -------- Original Message -------- Subject: Re: Thank You! Date: Fri, 13 Jun 2008 10:53:00 -0700 From: Lanet Khodabakhsh <lanet@lanetworks.com> Organization: LANETWORKS To: Karsten M. Self <karsten@linuxmafia.com> References: <82498.1881.qm@web81203.mail.mud.yahoo.com> <20080611234804.GY1574@linuxmafia.com> [...] Content analysis details: (0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message 0.1 AWL AWL: From: address is in the auto white-list [snip rejected copy of a message to Karsten M. Self <karsten@linuxmafia.com>] ----- End forwarded message ----- ----- Forwarded message from Rick Moen <rick@linuxmafia.com> -----Date: Fri, 13 Jun 2008 13:54:54 -0700 From: Rick Moen <rick@linuxmafia.com> To: Keith Burris <burriskm@lanetworks.com> Cc: karsten@linuxmafia.com Subject: Re: [Fwd: Mail delivery failed: returning message to sender]Quoting Keith Burris (burriskm@lanetworks.com):> I'm sending this to let you know, if you're not already aware, that > [198.144.195.186] is listed on the backscatterer.org RBL. We're kind of > aggressive and block rather than increment the message's SA score. > > Usually that works OK but this is a case where it doesn't. > > I'll whitelist [198.144.195.186] on our end. > > I am a little surprised that you're using call backs, though.Hi, Keith. I do use a particular type of callout, in a way that I have taken care to make sure is (IMO, and I'm willing to be convinced otherwise) not abusive. 1. I recognise backscatter to be a very serious problem, and try to make sure my systems are not guilty of same. 2. My Exim4 MTA is configured to callout to the claimed delivering domain's MX and test using RCPT TO (_not_ VRFY) that the claimed sender address is deliverable, and that postmaster@ and abuse@ are deliverable. Claimed delivering domains that fail those tests get told 550. It doesn't perform these tests on every attempted delivery; test results get cached and reused, specifically to avoid abuse. The guidelines at http://www.backscatterer.org/index.php?target=sendercallouts seem to suggest that systems get listed if they do such callouts at all, without regard to whether the level of such traffic is problematic or not. I understand their perspective, but do not concur with the implied "No level of callouts is permissible" assumption. I attempt to operate a reputable mail system -- though of course I could be misguided or be guilty of operating a misconfigured system. I'll study the backscatterer.org RBL docs more closely, but my immediate inclination is that I'm not misguided in this case. Best Regards, Rick Moen, owner/sysadmin of 198.144.195.186 (linuxmafia.com, unixmercenary.net, and lists.linuxgazette.net) 650-283-7902 cellular ----- End forwarded message -----
Rick Moen [rick at linuxmafia.com]
I of course wrote back to thank him.
(If we publish this thread, we should redact out his contact telephone numbers, please. Mine, by contrast, is completely public.)
[[[ Done else-thread as well. -- Kat ]]]
----- Forwarded message from Keith Burris <burriskm@lanetworks.com> -----
Date: Fri, 13 Jun 2008 15:23:55 -0700 (PDT) From: Keith Burris <burriskm@lanetworks.com> To: Rick Moen <rick@linuxmafia.com> Cc: karsten@linuxmafia.com Subject: Re: [Fwd: Mail delivery failed: returning message to sender]Hi, Rick --
<snip>
> > The guidelines at > http://www.backscatterer.org/index.php?target=sendercallouts seem to > suggest that systems get listed if they do such callouts at all, without > regard to whether the level of such traffic is problematic or not. I > understand their perspective, but do not concur with the implied "No > level of callouts is permissible" assumption. >
Given that we drop before DATA (unless postmaster@ or abuse@) if a system is on the backscatterer.org RBL, I guess that's more-or-less implicit agreement with the assumption on our part. I'm not so sure I'm comfortable with that decision. It's been a while since I implemented that RBL and I don't recall them having a "wait for the listing to expire or pay us 50 euros" policy which I see there today. That adds to my discomfort level.
> I attempt to operate a reputable mail system -- though of course I could > be misguided or be guilty of operating a misconfigured system. I'll > study the backscatterer.org RBL docs more closely, but my immediate > inclination is that I'm not misguided in this case. >
Sure. I didn't mean to suggest otherwise. I added linuxmafia.com server to our whitelist because I felt that backscatterer.org got it wrong; I saw no reason to honor their listing. In writing you, I just wanted to point out that the server was listed there.
Regards.
Keith
<snip>
----- End forwarded message -----