[TriLUG] Another seal broken... thinking of installing a C/R anti-spam system
jonc
jonc at nc.rr.com
Mon Jan 29 11:23:50 EST 2007
Excellent point, but then we have a known Mailserver that is spewing
fake-mail. You can either drop all mail from this server - or examine
the digital key header for all email coming from this server and drop
the fake ones.
We could also employ Wayne Byarlay's idea and give each T-SMTP server
its own digital key so that we can now build a web of trust across
servers.
If we run server-to-server traffic on a different protocol (also
suggested earlier) we can actually leave the suspect mail on the suspect
server and not download/accept the email until we have verified the
authenticity of each email.
This leaves the spammers server bunched up with his *own* spam... :-)
On Mon, 2007-01-29 at 10:58, Brad Jorsch wrote:
> On Mon, Jan 29, 2007 at 10:44:15AM -0500, jonc wrote:
> >
> > On the bright side, if we move to T-SMTP (requiring authenticated SMTP
> > drop offs) then you could trace the phisher back to his vessel and then
> > rock his boat.
>
> Not really. The phisher isn't going to do things right, he'll just
> pretend he's forwarding a message that was originally authenticated by
> some random joe. Same as they forge Received headers now.
>
> It'll catch zombies that send through the smarthost, though.
More information about the TriLUG
mailing list