Spamhaus...

Sat Feb 20 01:35:26 UTC 2010

On 2/19/2010 7:20 PM, William Herrin wrote:
> On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec <rsk at gsp.org> wrote:
>> Barracuda's engineers apparently think
>> that using SPF stops backscatter -- and it most emphatically does not.
>>
>> Reject gooooood, bounce baaaaaaad. [1]
> 
> Whine all you want about backscatter but until you propose a
> comprehensive solution that's still reasonably compatible with RFC
> 2821's section 3.7 you're just talking trash.
> 
> "If an SMTP server has accepted the task of relaying the mail and
> later finds that the destination is incorrect or that the mail cannot
> be delivered for some other reason, then it MUST construct an
> "undeliverable mail" notification message and send it to the
> originator of the undeliverable mail (as indicated by the
> reverse-path)."

Does the RFC say what to do if the reverse-path has been damaged and now
points to somebody who had nothing what ever to do with the email?

Do your SNMP clients respond truthfully to EXPN requests?  How about
source-routed traffic?  ICMP requests? Recursive DNS requests?

If not, why not?

I don't run any sites anymore, but when I did, unsolicited traffic
(traffic not in response to traffic from somebody on my network) was
blocked when detected, and remained blocked until somebody inside our
boundary complained, and on second occurrence until my management
directed me to remove the block.

"in response to our traffic" was a situational matter determined by
reasonable people on a case by case basis as required.
-- 
"Government big enough to supply everything you need is big enough to
take everything you have."

Remember:  The Ark was built by amateurs, the Titanic by professionals.

Requiescas in pace o email
Ex turpi causa non oritur actio
Eppure si rinfresca

ICBM Targeting Information:  http://tinyurl.com/4sqczs
http://tinyurl.com/7tp8ml