[RFCI-Discuss] RFC-ignorant.org list accuracy and refresh frequency...
Jean-Marc Pigeon
jmp at safe.ca
Mon Feb 23 20:29:54 EST 2009
On Mon, 2009-02-23 at 21:59 +0100, mouss wrote:
> logs? which logs? again, I only saw it because I have full control over
> my relay.
>
> - a "normal" user wouldn't see anything, because he can't see the logs
> - if I relayed via an MSP/ISP, say if I use free.fr as my relay, I would
> see nothing until I get an error 5 days later.
Please read , I was telling about the "recipient" log
(which are accessible via its own station),
in our case you are the "originator".
Your "originator" server should send you a
"warning trouble to send" at the 4 hour mark
(configuration dependant).
>
> if you can't see the problem, please let's stop here.
>
> > Such the Email will pass next SMTP automatic sending
> > try and the mail will be accepted within 4 hours.
>
> 1- did you get my email? can you show me the content?
You system stop to send the Email after 2 try
even the returned status was 4XX, I suppose
you removed it from your queue list.
> 2- do you mean that even if I don't click on the challenge link, my mail
> will be accepted after 4 hours? so a spammer can simply retry after 4
> hours?
No, in such situation, the "originator" click is
protected by a 'capcha', while the "recipient"
click is direct. (we try to make sure, "originator"
is a real human).
> if that's your defence against spammers, I wish you luck.
Well, access our WEB site real time statistics are
on-line, up to you to decide if we are lucky.
> I meant: if a spammer forges my s_sender_ address and sends via ISP.
> then the ISP will send me a bounce. so the result is that I get
> backscatter, even if it's not from you (so yes, it's better for you than
> "direct backscatter", but still...)
You have an interesting point:
1) If your ID is forged at YOUR ISP level, there is
nothing I can do, if you are said 'good', I'll
receive the scrap (I can just advise you on
a very personal level later on).
If the Email is rejected because you are said
'bad' you will get the 'backscatter'.
but you have all the headers and you can express
yourself to YOUR ISP. as your very own ID was stolen.
2) If your ID is forged somewhere in the world,
then you should be protected by your SPF
(seems to me you don't have an SPF record on
your domain, why?)
a) you have an SPF, remote ISP is not doing its job,
be free to complain to ISP if you feel it is worth.
b) you don't have an SPF, your only option is to
cry as spammer are entitle to grabe your
Email.
3) last case,
Mail is sent directly by spammer (beside hotmail,
it is mostly the case :) ). spammer get the hit.
Now, if you have a solution, not to reject an
email, nor to scrap it, not to overload your users,
please share with us.
What we make sure, we say "Yes/maybe/No/Virus"
while the SMTP connection is still open!
(decision is final, we do not send Email
according the Email header "from:" later on.
Decision is hard on the first email, decision
rely mostly on sending server historical profile,
as we do not know about email contents yet,
once you are set "good" you stay that way and
"trust" increased for your sending server).
>
> if that can help you understand the limitations of your system, and the
> problems that it causes, it's appropriate.
I do my best to explain limitation, must be
appropriate then :-}}
--
A bientôt
==========================================================================
Jean-Marc Pigeon Internet: jmp at safe.ca
SAFE Inc. Phone: (514) 493-4280
Fax: (514) 493-1946
Clement, 'a kiss solution' to get rid of SPAM (at last)
Clement' Home base <"http://www.clement.safe.ca">
==========================================================================
More information about the RFCI-Discuss
mailing list