[kwlug-disc] About spamming techniques [was: Nextcloud 11]
Chamunks
chamunks at gmail.com
Thu Dec 15 10:21:36 EST 2016
Then of course there are tons of email servers that don't provide it.
On Thu, Dec 15, 2016, 4:25 AM Bob Jonkman <bjonkman at sobac.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Chamunks writes
> > most of the big email providers will reject those [invalid
> > attempts]
>
> And that's the problem. A server which strictly accepts only mail that
> passes DKIM and SPF (and DMARC) checks will not let any spam through,
> but at the expense of false positives (unwanted rejections) from those
> mail servers that don't implement DKIM or SPF.
>
> I see that SPF has finally graduated to "Standards Track" from
> "Experimental", but none of these protocols are required for
> conformance to the mail standards of RFC5321
> https://tools.ietf.org/html/rfc5321#section-3.6.2
>
> - --Bob, who wonders why RFC5321 isn't part of STD10
>
>
>
> On 2016-12-15 12:13 AM, Chamunks wrote:
> > @Bob I find that for the most part what I've read is that as long
> > as you use DKIM and SPF records you can basically prevent spoofing.
> > There still will be a few people that try but most of the big email
> > providers will reject those from what I read.
> >
> > On Wed, Dec 14, 2016 at 9:06 PM Hubert Chathi <hubert at uhoreg.ca>
> > wrote:
> >
> >> On Wed, 14 Dec 2016 15:30:16 -0500, Bob Jonkman
> >> <bjonkman at sobac.com> said:
> >>
> >>> Jason wrote:
> >>>> If [a spammer] get a notification for blocked messages,
> >>>> [spammer] can iterate parameters until you figure out the
> >>>> exact configuration.
> >>
> >>> Even worse, it causes spam backscatter. If a spammer spoofs
> >>> your email address as sender, then when my mail server sends
> >>> back a delivery failure message it'll go to you. It's a clever
> >>> way for spammers to get their mail to you via my spam rejection
> >>> rules.
> >>
> >> Yes, that's why it's better to reject mail at SMTP-time, rather
> >> than to accept mail and then generate a bounce email. That way,
> >> it's the sender's server who generates the bounce email, and
> >> presumably they know the actual sender.
> >>
> >> Allowing servers to send mail on behalf of other people is quite
> >> a handy feature of email (it allows, for example, email lists and
> >> forwarders), but causes spam problems.
> >>
> >>
> >> _______________________________________________ kwlug-disc
> >> mailing list kwlug-disc at kwlug.org
> >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >>
> >>
> >
> >
> >
> > _______________________________________________ kwlug-disc mailing
> > list kwlug-disc at kwlug.org
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >
>
> - --
>
>
> - --
> Bob Jonkman <bjonkman at sobac.com> Phone: +1-519-635-9413
> SOBAC Microcomputer Services http://sobac.com/sobac/
> Software --- Office & Business Automation --- Consulting
> GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> Comment: Ensure confidentiality, authenticity, non-repudiability
>
> iEYEARECAAYFAlhSYOwACgkQuRKJsNLM5eoUowCgrJrRJDCMGSgXFUMS+UgiaZhl
> L24AnAiIUKTI4ADdEKbGtiekKPaG2iws
> =NxtS
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20161215/ebfb1c24/attachment.htm>
More information about the kwlug-disc
mailing list