Network Security: Detailed info on Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}

Subject:	Re: SPAM Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}
Date:	Sat, 14 Oct 2006 12:17:51 -0500

Subject:

Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}

Date:

Sat, 14 Oct 2006 12:17:51 -0500

--On October 14, 2006 1:44:04 AM -0400 Valdis.Kletnieks@vt.edu wrote:

On Fri, 13 Oct 2006 22:52:12 CDT, you said:

I'm not sure what you mean by "split inbound and outbound", but any
outbound MX host *should* be listed in DNS.


Tell you what.  Explain what an *OUTBOUND* MX is, and I'll see what I
can do.

The machine in question is *NOT* listed as an MX, because it is *NOT* a
machine that should be accepting *inbound* mail for the domain.  Its
purpose in life is to send mail to off-campus sites.

It appears that what you're missing is that this one "flaw" is not enough to get mail rejected by policyd-weight. Policyd-weight, much like SA, works on cumulative scoring. One "bad" thing isn't going to get your mail rejected. But, in general, spam, viruses, phishing scams, et. al. will not only not be listed as an MX in DNS, they also won't reverse. They also forge the domain. They also lie about the sender domain. They also come from dialups or from known "spammy" servers. So, the *cumulative* effect is that the mail gets rejected.

One "flaw" such as a missing MX record is not going to cause a problem.

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

p7sTHFYBPgHjY.p7s
Description: S/MIME cryptographic signature

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Massive SPAM Increase {-2.6} {-2.6}, (continued) Re: Massive SPAM Increase {-2.6} {-2.6}, Nathaniel Hall Re: Massive SPAM Increase {-2.6} {-2.6}, Tim Re: Massive SPAM Increase {-2.6} {-2.6}, Brent Kearney Re: Massive SPAM Increase {-2.6} {-2.6}, Paul Schmehl Re: Massive SPAM Increase {-2.6} {-2.6}, Graeme Fowler Re: Re: Massive SPAM Increase {-2.6} {-2.6}, Luke Burton Re: Massive SPAM Increase, Tillmann Werner Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Paul Schmehl Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks Re: SPAM Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Paul Schmehl <= Re: Massive SPAM Increase, gabriel rosenkoetter Re: Massive SPAM Increase, Jamie Riden Re: SPAM Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Dude VanWinkle Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, benfell Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Paul Schmehl Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, gabriel rosenkoetter Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Paul Schmehl Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, gabriel rosenkoetter Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	possible SMTP attack: command=HELO/EHLO, count=3, terry white
Next by Date:	Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks
Previous by Thread:	Re: SPAM Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks
Next by Thread:	Re: Massive SPAM Increase, gabriel rosenkoetter
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

possible SMTP attack: command=HELO/EHLO, count=3, terry white

Next by Date:

Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks

Previous by Thread:

Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}, Valdis . Kletnieks

Next by Thread:

Re: Massive SPAM Increase, gabriel rosenkoetter

Indexes:

[Date] [Thread] [Top] [All Lists]