Great Circle Associates List-Managers
(May 1997)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: rejected mail - RFC822 conflict ???
From: Eric Thomas <ERIC @ VM . SE . LSOFT . COM>
Date: Wed, 7 May 1997 23:54:11 +0200
To: KnowlesB @ aol . net, Brad Knowles <BKnowles @ aol . net>
Cc: LSTOWN-L @ PEACH . EASE . LSOFT . COM, LSTSRV-L @ PEACH . EASE . LSOFT . COM, Valdis Kletnieks <Valdis . Kletnieks @ VT . EDU>, Michael Ramundo <sysmrr @ CNSIBM . ALBANY . EDU>, Jeff Kell <jeff-kell @ UTC . EDU>, Pete Weiss <Pete-Weiss @ PSU . EDU>, list-managers @ GreatCircle . COM
In-reply-to: Message of Wed, 07 May 1997 17:51:37 -0400 from Brad Knowles <BKnowles @ aol . net>

On Wed, 07 May 1997 17:51:37 -0400 Brad Knowles <BKnowles @
 aol .
 net> said:

>    Let them flame away. It has  been my experience that those who flame
>AOL have never had to deal with a system anywhere *near* 1/10th the size
>of what  we have,  where a  difference in scale  typically results  in a
>difference in kind.

*sigh* All  right. How much SMTP  mail did AOL deliver  yesterday? L-Soft
made 4,143,362 deliveries  yesterday (below average). I  imagine that AOL
delivered well over  41,433,620 SMTP messages in that time  frame, or you
would not have applied this remark to me.

>    If they think  they can do any better (yourself  included), let them
>come here and prove it.

As  a matter  of  fact, yes,  I  do think  I could  do  better than  your
sendmail-based setup! You would actually keep your current sendmail setup
but route all your outgoing  mail through a redundant LSMTP configuration
(ideally  a  VMS cluster  with  shared  redundant storage  and  automatic
failover,  so that  you can  blow  up any  one  of the  box and  continue
uninterrupted). Likewise, these servers  could collect your incoming mail
and route it  to your unix systems at  a pace which you would  be able to
control. This  would allow you  to operate  your sendmail systems  in the
most efficient  manner, with  little or no  outbound queue,  a controlled
number  of concurrent  processes,  etc. So,  you would  be  able to  keep
development and custom code on unix where you want it, while dramatically
improving your performance and capacity.  Was this a honest invitation or
just  a  figure of  speech?  If  you are  serious,  please  send us  your
technical requirements and we will take it on from there.

>    The response I've gotten from AOL  users so far has been exceedingly
>positive,

Let me get this  straight. You have observed that a  lot of spammers used
source routes  in the MAIL FROM:  field. You then started  rejecting this
mail and  your users have  been very happy. I  don't doubt this.  What is
going to  happen though  is that  the spammers  will get  a clue,  if not
tomorrow then  next week or next  month, and they will  stop sending mail
with source routed  MAIL FROM:, since it does not  get there, and instead
use a  % hack,  the hostname of  some random cisco  somewhere in  the net
(that would work  wonders on your sendmail queues!), or  why bother, just
MAIL FROM:<>. Your users will get the  spam again and you will be back to
the drawing board.  So, this is a  temporary hack that will  buy you some
amount of temporary relief until the spammers get smarter. Why didn't you
say so  from the beginning?  I still don't  agree with the  approach, but
this at  least makes  some measure  of sense.  Definitely more  than just
stating  that  source  routes  are  intrinsically evil  and  need  to  be
exterminated.

>    I believe that you'll find beleaguered SysAdmins the world over that
>will feel the same way we do,

I am not disputing your right to refuse to process illegitimate messages.
We do  this as well, and  frankly I don't  know where you got  the notion
that I  do not have to  deal with spammers on  a daily basis and  have no
idea how mean  they can be and so  on. I am only disputing  the wisdom of
rejecting perfectly  legitimate messages  (which have 2-3  recipients and
are thus clearly not  spam) on the basis that the  MAIL FROM: field looks
like  what the  current  version  of a  popular  spam program  generates,
especially since there will be a new  version of the spam program soon to
correct this "problem".

  Eric


Indexed By Date Previous: Re: rejected mail - RFC822 conflict ???
From: Brad Knowles <BKnowles @ aol . net>
Next: Re: rejected mail - RFC822 conflict ???
From: Brad Knowles <BKnowles @ aol . net>
Indexed By Thread Previous: Re: rejected mail - RFC822 conflict ???
From: Brad Knowles <BKnowles @ aol . net>
Next: Re: rejected mail - RFC822 conflict ???
From: Brad Knowles <BKnowles @ aol . net>

Google
 
Search Internet Search www.greatcircle.com