Anti-spam methods (was: Re: Comcast blocking port 25? (not what you think))
Bob Bell
bbell at hp.com
Mon May 10 18:01:02 EDT 2004
On Mon, May 10, 2004 at 02:21:02PM -0400, Paul Iadonisi <pri.lugofnh at iadonisi.to> wrote:
> I was going to bring up MSA, too. It should be noted, however, that
> MSA doesn't *require* authentication. Check out RFC 2476 for details.
> The RFC does list authentication as an optional feature, however.
I wasn't aware of this. A previous cursory glance of the RFC and other
reading made it seem like authentication was required. I thought that
was the point, even. A re-glance at the RFC makes me think you are
indeed correct.
> I *think* the DaemonPortOptions line above will not require the
> authentication you mention. You need to specify 'M=Ea' instead of
> just 'M=E'. That's for sendmail...your MTA may vary.
Ooh, you made me check quickly to ensure that I'm not in fact an open
relay. However, I attempted to send mail from a user in the domain,
without logging in, outside the domain, and still got a "Relaying
denied" message, so I think I'm okay here. Perhaps other parts of my
config are compensating.
> I do predict that spammers will adapt to this new authenticated email
> world rather quickly. Namely, they will modify their spam-cannon-laden
> viruses to pick up the user's SMTP server and username from his Outbreak
> config and either pick up the password from the config if it's saved, or
> sniff it as it's typed.
That seems likely, but how much email is sent from virus-attacked
computers? The SPF approach seems to have the goal of making DNS-based
blacklists reasonable, not addressing the spam-from-a-virus problem.
> But we will still be in a better place when it comes to spam. When
> enough clueless users get disconnected from their ISPs for spam
> propagation, they will either take more proactive measures to keep their
> systems clean of viruses, or put more pressure on their operating system
> vendors of choice to put security where it belongs: at a much higher
> priority than convenience. Or both.
One can always hope...
--
Bob Bell
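
Added example, not part of the original message: a small audit of sendmail.cf `DaemonPortOptions` lines that lists submission-port listeners whose modifiers do not require authentication (the `M=E` versus `M=Ea` distinction discussed above). The sample configuration and the function names are constructed for illustration, and a flagged listener is not necessarily an open relay, since relay rules are enforced separately.

```python
import re

# Constructed sample of sendmail.cf lines (not taken from the thread).
SAMPLE_CF = """\
O DaemonPortOptions=Name=MTA
O DaemonPortOptions=Port=587, Name=MSA, M=E
O DaemonPortOptions=Port=587, Name=MSA-auth, M=Ea
# O DaemonPortOptions=Port=2525, Name=old, M=E
"""

SUBMISSION_PORTS = ("587", "submission")


def parse_daemon_options(cf_text):
    """Return one dict per active DaemonPortOptions line.

    Keys are reduced to their first letter, upper-cased, so that
    'M=' and 'Modifiers=' are treated alike by this script.
    """
    daemons = []
    for line in cf_text.splitlines():
        m = re.match(r"\s*O\s+DaemonPortOptions\s*=\s*(.*)$", line)
        if not m:
            continue  # commented-out lines and other options are skipped
        opts = {}
        for item in m.group(1).split(","):
            key, sep, value = item.partition("=")
            if sep and key.strip():
                opts[key.strip()[:1].upper()] = value.strip()
        daemons.append(opts)
    return daemons


def unauthenticated_msa(cf_text):
    """Names of submission-port daemons that do not require SMTP AUTH."""
    flagged = []
    for opts in parse_daemon_options(cf_text):
        if opts.get("P", "smtp") not in SUBMISSION_PORTS:
            continue
        mods = opts.get("M", "")  # modifier letters are case-sensitive
        # 'a' requires authentication; 'A' disables AUTH and overrides 'a'.
        if "a" not in mods or "A" in mods:
            flagged.append(opts.get("N", "(unnamed)"))
    return flagged


if __name__ == "__main__":
    for name in unauthenticated_msa(SAMPLE_CF):
        print("submission listener without required AUTH:", name)
```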