OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: postfix (postfix_at_micromark.com.cn)
Date: Tue Nov 12 2002 - 23:28:16 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    yes it was a crap idea (thanks Wietse for showing the wood), where i made a
    number of assumptions that i should not have.
    single emailer etc.

    i also thought about serializing the postfix program, each postfix program
    has its own serial number (generated once ), that could be checked when an
    email was returned, underlivered and if the serial was not in there, then it
    was a fake return.

    what i was trying to accomplish was to identify returned email, as this is
    what is causing the problem,not to identify all incoming email.

    returned being , bounced from the receiving domain, not as a return from a
    user, as an attachment.
    i'm interested in not getting onto anymore blacklists

    education, forget it.
    if the admins did lookup , then they could see the shit was not from me, as
    the connection address would not match, and i would not have to worry about
    it.

    Anyway being in china and having a direct contact in china telcom , i can
    close down remailers and relays in china, fairly easily.
    we've done about 20 so far, and got a number of them onto password access.

    steve 

    -- 

    > From: wietseporcupine.org (Wietse Venema)
> Reply-To: Postfix users <postfix-userspostfix.org>
> Date: Tue, 12 Nov 2002 14:57:40 -0500 (EST)
> To: Postfix users <postfix-userspostfix.org>
> Subject: Re: (Wietse Venema )problems with spammers
> 
> Matthias Andree:
>> postfix <postfixmicromark.com.cn> writes:
>> 
>>> would it be possible to add the following function to your excellent postfix
>>> program.
>>> 
>>> when an email is sent from post fix it is given a "magic key", if an email
>>> is returned an action can be performed based the key being from postfix or
>>> not.
>> 
>> What's that good for? When the returned mail strips the magic key, what
>> are you going to do? It could be legitimate or now -- you don't know,
>> because the key is gone.
> 
> As I replied in private mail, the key already exists, and it is called
> Message ID. However, his whole idea is based on the assumption that
> one local mail server sees all the mail from and to a given recipient,
> and that bounced mail can be recognized reliably.
> 
> Wietse
> 
>>> the problem i have is spammers using my domain name & user list to send fake
>>> emails out of their systems, so if a mailer they are sending to rejects the
>>> email it comes back to my domain.
> 
>