Re: really 'evi'l ipfw rules
From:Date: 09/26/02
- Next message: Ken: "Re: Problems with Cookie errors"
- Previous message: russandsandy: "Re: Watchguard Firebox (Proxy Services)"
- In reply to: Doug Young: "really 'evi'l ipfw rules"
- Next in thread: : "Re: really 'evi'l ipfw rules"
- Reply: : "Re: really 'evi'l ipfw rules"
- Reply: : "Re: really 'evi'l ipfw rules"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Sep 2002 04:37:59 GMT
Hi Doug -
On Wed, 25 Sep 2002 21:48:17 GMT, "Doug Young" <dougy@brizzie.org>
wrote:
>Is anyone aware of a way to write ipfw rules that automagically return SPAM
>to whence it came & clone a few million copies to accompany it ?? Would
>also need some safeguard to prevent problems resulting from the typical
>asian spammer belong non-functional reply address. I realize there are
>possibly other more conventional means of doing something like this, however
>I've been finding firewall rules somewhat more effective than anything else,
>particularly with korean / chinese junk
This reply includes references to other messages in this thread ...
1. As has already been pointed out, what you are requesting above is
not a firewall kind of thing.
2. 99.99% of spam has from, sender, and reply addresses that are
totally bogus or are valid email addresses but not connected with the
spammer in any way. Would you really want to dump your load in the
mailbox of some innocent person?
3. After all of these messages hit your ISP's SMTP server to go out,
your ISP would have some very pointed things to say to you.
4. All of those messages would be clogging up internet bandwidth,
slowing people down.
5. If your email got through to the spammer, you would be confirming
your email address, thereby making your email address more valuable to
spammers.
6. Sending remove requests to spammers, regardless of their location,
is just confirming your email address. Report the spam to the ISP
that the spammer is using to connect to the internet and/or the ISP of
the SMTP server being used, as is appropriate. (If there is a local
connection to an SMTP server, there is no connecting ISP. If they are
connecting directly to your ISP's server, there is no point
complaining to your ISP, but in this case they will have a connecting
ISP.)
7. Using a firewall DENY rule only works if the spammer is connecting
directly to your system to drop the mail in a local SMTP server. If
you connect out to a server to pick up your mail a firewall rule won't
work.
8. I use filter rules in my email software. When I get spam, I look
up the valid IP address(es) in the headers at ARIN. If I find that
the associated class A network belongs to APNIC, I add a filter rule
to trash all messages with an IP address from that class A network
anyplace in the headers. If I were to need to receive email from
someone who uses APNIC connections and/or servers, I would create an
appropriate filter rule and put it higher on the list.
Ken
- Next message: Ken: "Re: Problems with Cookie errors"
- Previous message: russandsandy: "Re: Watchguard Firebox (Proxy Services)"
- In reply to: Doug Young: "really 'evi'l ipfw rules"
- Next in thread: : "Re: really 'evi'l ipfw rules"
- Reply: : "Re: really 'evi'l ipfw rules"
- Reply: : "Re: really 'evi'l ipfw rules"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
