| ac on 19 Oct 2016 04:39:38 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] spamassassin help: create a rule to score by sender TLD |
On Wed, 19 Oct 2016 13:30:37 +0200
ac <ac@main.me> wrote:
>
> funny. but it proves my point exactly.
>
Rich Kulawiec, your email is so very broken.
the spammers have won their battle against you as they have made you
block everyone - I just tried sending from other .com servers as well
as brighthouse/time warner ranges, etc.
Your argument of course would be something along the lines of, I do not
have to accept emails from anyone I do not know... etc etc.
Now, imagine if you actually had users...
A message that you sent could not
be delivered to one or more of its recipients. This is a permanent
error. The following address(es) failed:
rsk@gsp.org
host taos.firemountain.net [207.114.3.54]
SMTP error from remote mail server after RCPT TO:<rsk@gsp.org>:
550 5.7.1 <rsk@gsp.org>... Mail refused - ruleset-tld/me:
forward this message to sep2016@firemountain.net if in error
Return-path: <ac@main.me>
Received: from 72-185-19-21.res.bhn.net ([72.185.19.21]:46858
> no I am sending from a well known and maintained ipv4 space, from a
> reputable .com mail server... that is blacklisted exactly nowhere -
> anytime in the past ten+ years
>
> and you are not receiving my email...
>
> imagine you relied on your email as a business tool (to buy food)
>
> you would be screwed.
>
>
> rsk@gsp.org
> host taos.firemountain.net [207.114.3.54]
> SMTP error from remote mail server after RCPT TO:<rsk@gsp.org>:
> 550 5.7.1 <rsk@gsp.org>... Mail refused - ruleset-tld/me:
> forward this message to sep2016@firemountain.net if in error
>
>
>
> On Wed, 19 Oct 2016 13:25:58 +0200
> ac <ac@main.me> wrote:
>
> > On Wed, 19 Oct 2016 05:30:24 -0400
> > Rich Kulawiec <rsk@gsp.org> wrote:
> >
> > > I think it's fair to say that I have some expertise in this area,
> > > so:
> > >
> > you have 'some' experience in being aggressively vocally anti spam,
> > there is a big difference in having an opinion and actually having
> > to deal with end users/clients.
> >
> > > On Tue, Oct 18, 2016 at 12:55:28PM -0400, Greg Helledy wrote:
> > > > I know how to blacklist a domain, but I don't want to be that
> > > > blunt [...]
> > >
> > > But you should be. It's rapidly becoming a best practice.
> > >
> > no, imnsho it is not.
> >
> > punishing the ipv4 senders and white-list ipv6 is already best
> > practice.
> >
> > it works very well.
> >
> > > There are quite a few new TLDs that have been quickly overrun by
> > > spammers. I highly recommend blacklisting them outright and --
> > > maybe -- making exceptions on a case-by-case basis. (I say
> > > "maybe" because I have very little sympathy for people who make
> > > extremely poor decisions and then expect the rest of us to
> > > compensate for their lack of due diligence. Anybody registering
> > > a domain in something like .stream or .download is either a
> > > spammer or clueless. Do you really want email from spammers or
> > > idiots?)
> > >
> > > Spamhaus is now tracking these:
> > >
> > > The World's Most Abused TLDs
> > > https://www.spamhaus.org/statistics/tlds/
> > >
> > > But do keep in mind that Spamhaus is very conservative, so what
> > > you see on that page is probably a serious underestimate. (Note
> > > that the first entry is .science, and per their stats it's nearly
> > > 90% bad. Already. It will never get better. It will always get
> > > worse. We've seen this movie before and it always ends the same
> > > way.)
> > >
> > > I blacklisted several hundred TLDs the moment they went live. In
> > > all the time since, I've had one reported false positive. (And
> > > yes, I have a working, tested, reliable mechanism for FP
> > > reporting.) I recommend the same course of action for everybody
> > > else *unless* you have a business or personal need for email from
> > > one of them.
> > >
> > > More broadly: the age of default permit in email is over. You
> > > should think in terms of what you *need*, not what anybody else
> > > wants. If you don't need email from Korea or Portugal or
> > > Argentina, you should be blocking the entire TLD and the IP
> > > address allocations (see ipdeny.com) of those countries
> > > outright...not trying to filter traffic from them. The same goes
> > > for TLDs, domains, and everything else.
> > >
> > > ---rsk
> > > ___________________________________________________________________________
> > > Philadelphia Linux Users Group --
> > > http://www.phillylinux.org Announcements -
> > > http://lists.phillylinux.org/mailman/listinfo/plug-announce
> > > General Discussion --
> > > http://lists.phillylinux.org/mailman/listinfo/plug
> >
> > ___________________________________________________________________________
> > Philadelphia Linux Users Group --
> > http://www.phillylinux.org Announcements -
> > http://lists.phillylinux.org/mailman/listinfo/plug-announce General
> > Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group --
> http://www.phillylinux.org Announcements -
> http://lists.phillylinux.org/mailman/listinfo/plug-announce General
> Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug