Note to mail server admins: spammers lie!

This post is not going to contain any original insights into the spam problem, but I need to vent a bit. And, as the title suggests, apparently the news still hasn’t reached all the people it needs to reach, so maybe it won’t hurt to repeat it again.

So yesterday, as happens every couple of months, a spammer somewhere in Pakistan decided to randomly pick the mwolf.net domain as the fake ‘from’ address for his various unsavoury commercial offerings. Which means, of course, that I get a few hundred bounces from well-meaning but naive mailservers, configured by well-meaning but naive admins.

Hello everybody: spammers lie! Their pills don’t work, their stock tips are scams, they won’t deposit several million dollars into your bank account if you just let them use your account number for a couple of days, and their return addresses aren’t valid. If you have determined that a given e-mail is probably spam, then sending anything to the ‘from’ or ‘reply-to’ address is just about the least useful thing you could do. It makes you a part of the problem, not the solution. By sending an automated response to that address, you are allowing the spammer to use your server to effectively spam me. I get plenty of spam myself, but SpamAssassin deals with that pretty well; the bounce messages are a bigger problem.

In a world where e-mail to a non-existent username is a lot more likely to be spam or a virus than an innocent typo, sending reply messages to such mail should be condemned as bad netiquette. Either accept all mail for your domain and swallow the spam silently, or set up your system so that it generates an error message as part of the SMTP exchange. And never, ever send any kind of response to a message which your filter software has already identified as being probable spam.
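The difference between the two behaviours, as an added example that is not part of the original post: a toy SMTP receiver in Python handles one constructed forged-sender session under an accept-then-bounce policy and under in-session rejection. The addresses, the mailbox list and the keyword spam check are assumptions made up for the illustration.

```python
# Added illustration, not code from the original post. The addresses, the
# mailbox list and the keyword "filter" are constructed for this example.
VALID_USERS = {"alice@example.org"}            # hypothetical local mailboxes
SPAM_MARKERS = ("cheap pills", "stock tip")    # stand-in for a real spam filter

FORGED_SESSION = {                             # constructed sample session
    "mail_from": "victim@forged.example",      # chosen by the spammer, never verified
    "rcpt_to": ["alice@example.org", "nosuchuser@example.org"],
    "data": "Subject: hi\r\n\r\nCheap pills, best price!",
}


def looks_like_spam(body):
    return any(marker in body.lower() for marker in SPAM_MARKERS)


def receive(session, policy):
    """Return (replies to the connected client, mail this server originates)."""
    sender = session["mail_from"]
    replies = ["250 2.1.0 Ok"]                 # answer to MAIL FROM
    outbound, deliverable = [], []
    for rcpt in session["rcpt_to"]:
        if rcpt in VALID_USERS:
            deliverable.append(rcpt)
            replies.append("250 2.1.5 Ok")
        elif policy == "reject_in_session":
            replies.append("550 5.1.1 User unknown")
        else:  # "bounce_later": accept now, mail the claimed sender afterwards
            replies.append("250 2.1.5 Ok")
            outbound.append((sender, "Undelivered mail: unknown user " + rcpt))
    if policy == "reject_in_session" and not deliverable:
        return replies + ["554 5.5.1 No valid recipients"], outbound
    replies.append("354 End data with <CR><LF>.<CR><LF>")
    if deliverable and looks_like_spam(session["data"]):
        if policy == "reject_in_session":
            replies.append("554 5.7.1 Message rejected as spam")
        else:
            replies.append("250 2.0.0 Queued")
            outbound.append((sender, "Your message was blocked as spam"))
    else:
        replies.append("250 2.0.0 Queued")
    return replies, outbound


if __name__ == "__main__":
    for policy in ("bounce_later", "reject_in_session"):
        replies, outbound = receive(FORGED_SESSION, policy)
        print(policy, "->", len(outbound), "message(s) sent to", FORGED_SESSION["mail_from"])
```

With in-session rejection the 5xx reply goes only to whoever is actually connected, so the forged address receives nothing from this server.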

And then, of course, there are the ‘callback’ systems, which send an automated response to every mail they receive, asking the sender to click on a link or in some other way prove that they are a real person. This also means that they send out one harassing message to an innocent third party for every spam message they receive, thus effectively becoming spammers themselves.

In other spam news, and related to my previous post: it turns out that some of my own legitimate mail is not being received because it is being identified as spam by over-eager filters. Why? Because my ADSL account, with a server running 24*7 on a fixed IP address, is listed as a dial-up in some blacklists. Now, I can kind of see the logic behind that — after all, blocking dial-up users is probably fairly successful in getting rid of a lot of spam from botnets. But there’s a baby in the bathwater: a lot of technically savvy people like to run their own mailserver, ironically often with spam filtering as an important motive. As I once tried to explain to my previous employer: are these really the people whose job applications you want to block? There are much better ways of spam filtering, which don’t yield so many false positives. Please don’t do it.

3 Responses to “Note to mail server admins: spammers lie!”

  1. Jeroen Leenarts Says:

    And you’ve just mentioned the number one reason why I stopped bothering myself with running a mail server. Now I just let someone else figure it out.

    What you might be able to do is have your ISP’s mail server run as a relay for your mail. The ISP’s mail server is probably able to get more mail out the door successfully.

    But don’t forget to add an SPF DNS record listing the ISP’s SMTP host as a valid relaying host for your domain. :P

  2. Martin Wolf Says:

    Yes, that’s what I’m going to try next. But it feels wrong: the whole reason for having my own server is because I want to be able to treat my ISP as nothing but a connection onto the Internet, and in every other respect my server should be a first-class citizen. I’ve got a static IP, dammit, I’m not some loser with a dial-up!

    Ironically, because at least some of the servers which flag my mail as spam do indeed follow my advice and silently ignore me, I don’t even know that anything is wrong until people start complaining that I never respond to their mail anymore. If they sent me a bounce message, as opposed to my plea in this blog post, I would at least know what’s up. So basically, I don’t get bounces when I want them and I get them when I don’t.. :-( But on the whole, I would prefer the occasional lost message to the periodic deluge of unjustified bounces I get now.

  3. Jette D. Says:

    I had the same problem with my mail-server. Suddenly my mails started bouncing because my IP (which is sold to me as a fixed one) is within a dynamic range.

    But I have now chosen to use my ISP’s mail server for relay. If you are using Postfix, this is extremely easy… just set “relayhost” to the servername in main.cf. That’s it! Everything else works as normal - your server still receives mail, and sending mail also works as normal, apart from being sent through your ISP’s server first.

    By the way… you have a great blog here….
