You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-user@james.apache.org by Marc de Oliveira <Ma...@deOliveira.dk> on 2003/04/27 17:00:18 UTC
A question of ethics
This might be a little off topic but here goes:
My deoliveira.dk domain has just been used as the return address by a
spammer so that hundrets of "user unknown", "Delivery has failed" etc mails
are currently streaming into my mailbox. Each mail is for a different user
in my domain, like wwe5a4eae@deoliveira.dk or qweoi3498qw@deoliveira.dk etc
I have now decided to consider every mail to my deoliveira.dk domain to be a
spam mail except if the user name is one of the ones I use (like
marc@deoliveira.dk, ebay@deoliveira.dk etc).
I am still conserned that someone could be trying to reach me on an address
that I have not specified in the James configuration file so rather than
just sending all mails to unknown users directly to "Null" I have decided to
use a "NotifySender" mailet that explains that I am no longer using the used
mail address and that the sender should use another mail address to reach
me. Obviously I don't tell which address to use instead because many of
these mails might go to spammers.
The consquence of doing this is that all the poor souls that have been
spammed with my address will get even more mails when they reply to what
they think is a spammer. Same thing happens to all the mail servers that
reply with "user unknown" "unable to deliver" etc.
Am I doing the right thing or is there another solution that would be
better?
- Marc
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: A question of ethics
Posted by bill parducci <bi...@parducci.net>.
Marc de Oliveira wrote:
> I see your point but by dumping all unwanted mail I never get a mail that
> was sent to mark@deoliveira.dk by mistake (my mail address is
> marc@deoliveira.dk) while the sender is never warned that his mail never
> reached anybody. The result is that the sender gets the impression that I am
> ignoring him... :-(
the problem with autoresponse is that e-mail is awful at authentication.
so, an e-mail like this can be made to look like it is from the
james-users group and because you are responding it may just end up in
places that it shouldn't depending upon the response address.
b
p.s. i feel pretty confident in saying that the last thing the offended
user wants is another e-mail from you with another e-mail address! :o)
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: A question of ethics
Posted by Marco Tedone <m_...@hotmail.com>.
Excuse me, Bill. I have typed telnet www.deoliveira.dk 25 and then
nothing happened (a blank screen has been shown to me), then I pressed
ctrl and the session ended. Does it mean that I am not an open relay?
Regards,
Marco
> -----Original Message-----
> From: bill parducci [mailto:bill@parducci.net]
> Sent: 27 April 2003 19:04
> To: James Users List
> Subject: Re: A question of ethics
>
>
> you don't need ordb, just do this:
>
> $ telnet www.deoliveira.dk 25
>
> HELO zxcvgldfkdlskdl.com
> mail from: <ls...@zxcvgldfkdlskdl.com>
> rcpt to: <[friend's e-mail address]>
> data
> subject: I am an open relay!
> If you see this call me! I am an open relay!!
>
> .
>
> ctrl ]
> quit
>
> NOTE: make sure that you end the note with:
>
> <return>
> "."
> <return>
>
> as shown above.
>
> in case you are wondering, "ctrl ]" just kills the comm
> session inside
> telnet cleanly, quit terminates telnet)
>
> b
>
> p.s. i would have done it for you but the site is currently
> hammered and
> i can't get a connection.
>
> Marco Tedone wrote:
> > I wanted to try ordb.org but the site doesn't work. Is
> there any other
> > way to test if my mail server is an open relay?
> >
> > Regards,
> >
> > Marco
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: A question of ethics
Posted by bill parducci <bi...@parducci.net>.
you don't need ordb, just do this:
$ telnet www.deoliveira.dk 25
HELO zxcvgldfkdlskdl.com
mail from: <ls...@zxcvgldfkdlskdl.com>
rcpt to: <[friend's e-mail address]>
data
subject: I am an open relay!
If you see this call me! I am an open relay!!
.
ctrl ]
quit
NOTE: make sure that you end the note with:
<return>
"."
<return>
as shown above.
in case you are wondering, "ctrl ]" just kills the comm session inside
telnet cleanly, quit terminates telnet)
b
p.s. i would have done it for you but the site is currently hammered and
i can't get a connection.
Marco Tedone wrote:
> I wanted to try ordb.org but the site doesn't work. Is there any other
> way to test if my mail server is an open relay?
>
> Regards,
>
> Marco
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: A question of ethics
Posted by Marco Tedone <m_...@hotmail.com>.
Sorry, in this case I don't know how to use this address. Shall I use
telnet with it?
> -----Original Message-----
> From: Noel J. Bergman [mailto:noel@devtech.com]
> Sent: 27 April 2003 19:29
> To: James Users List; mtedone@jemos.org
> Subject: RE: A question of ethics
>
>
> > I wanted to try ordb.org but the site doesn't work.
>
> http://www.ordb.org/ works for me. The submission page is
> http://www.ordb.org/submit/.
>
> --- Noel
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: A question of ethics
Posted by "Noel J. Bergman" <no...@devtech.com>.
> I wanted to try ordb.org but the site doesn't work.
http://www.ordb.org/ works for me. The submission page is
http://www.ordb.org/submit/.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: A question of ethics
Posted by Marco Tedone <m_...@hotmail.com>.
I wanted to try ordb.org but the site doesn't work. Is there any other
way to test if my mail server is an open relay?
Regards,
Marco
> -----Original Message-----
> From: Marc de Oliveira [mailto:Marc@deOliveira.dk]
> Sent: 27 April 2003 18:11
> To: James Users List
> Subject: Re: A question of ethics
>
>
> I see your point but by dumping all unwanted mail I never get
> a mail that was sent to mark@deoliveira.dk by mistake (my
> mail address is
> marc@deoliveira.dk) while the sender is never warned that his
> mail never reached anybody. The result is that the sender
> gets the impression that I am ignoring him... :-(
> - Marc
>
> ----- Original Message -----
> From: "bill parducci" <bi...@parducci.net>
> To: "James Users List" <ja...@jakarta.apache.org>
> Sent: Sunday, April 27, 2003 5:31 PM
> Subject: Re: A question of ethics
>
>
> > my experience is that the best course of action is to dump unwanted
> > mail. your current solution only adds to the problem.
> >
> > b
> >
> > Marc de Oliveira wrote:
> > > This might be a little off topic but here goes:
> > > My deoliveira.dk domain has just been used as the return
> address by
> > > a spammer so that hundrets of "user unknown", "Delivery
> has failed"
> > > etc
> mails
> > > are currently streaming into my mailbox. Each mail is for a
> > > different
> user
> > > in my domain, like wwe5a4eae@deoliveira.dk or
> > > qweoi3498qw@deoliveira.dk
> etc
> > > I have now decided to consider every mail to my
> deoliveira.dk domain
> > > to
> be a
> > > spam mail except if the user name is one of the ones I use (like
> > > marc@deoliveira.dk, ebay@deoliveira.dk etc). I am still conserned
> > > that someone could be trying to reach me on an
> address
> > > that I have not specified in the James configuration file
> so rather
> > > than just sending all mails to unknown users directly to "Null" I
> > > have
> decided to
> > > use a "NotifySender" mailet that explains that I am no
> longer using
> > > the
> used
> > > mail address and that the sender should use another mail
> address to
> reach
> > > me. Obviously I don't tell which address to use instead
> because many
> > > of these mails might go to spammers. The consquence of
> doing this is
> > > that all the poor souls that have been spammed with my
> address will
> > > get even more mails when they reply to what they think is
> a spammer.
> > > Same thing happens to all the mail servers that reply with "user
> > > unknown" "unable to deliver" etc. Am I doing the right
> thing or is
> > > there another solution that would be better?
> > > - Marc
> > >
> > >
> > >
> --------------------------------------------------------------------
> > > -
> > > To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail:
> james-user-help@jakarta.apache.org
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: james-user-help@jakarta.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: A question of ethics
Posted by Marc de Oliveira <Ma...@deOliveira.dk>.
I see your point but by dumping all unwanted mail I never get a mail that
was sent to mark@deoliveira.dk by mistake (my mail address is
marc@deoliveira.dk) while the sender is never warned that his mail never
reached anybody. The result is that the sender gets the impression that I am
ignoring him... :-(
- Marc
----- Original Message -----
From: "bill parducci" <bi...@parducci.net>
To: "James Users List" <ja...@jakarta.apache.org>
Sent: Sunday, April 27, 2003 5:31 PM
Subject: Re: A question of ethics
> my experience is that the best course of action is to dump unwanted
> mail. your current solution only adds to the problem.
>
> b
>
> Marc de Oliveira wrote:
> > This might be a little off topic but here goes:
> > My deoliveira.dk domain has just been used as the return address by a
> > spammer so that hundrets of "user unknown", "Delivery has failed" etc
mails
> > are currently streaming into my mailbox. Each mail is for a different
user
> > in my domain, like wwe5a4eae@deoliveira.dk or qweoi3498qw@deoliveira.dk
etc
> > I have now decided to consider every mail to my deoliveira.dk domain to
be a
> > spam mail except if the user name is one of the ones I use (like
> > marc@deoliveira.dk, ebay@deoliveira.dk etc).
> > I am still conserned that someone could be trying to reach me on an
address
> > that I have not specified in the James configuration file so rather than
> > just sending all mails to unknown users directly to "Null" I have
decided to
> > use a "NotifySender" mailet that explains that I am no longer using the
used
> > mail address and that the sender should use another mail address to
reach
> > me. Obviously I don't tell which address to use instead because many of
> > these mails might go to spammers.
> > The consquence of doing this is that all the poor souls that have been
> > spammed with my address will get even more mails when they reply to what
> > they think is a spammer. Same thing happens to all the mail servers that
> > reply with "user unknown" "unable to deliver" etc.
> > Am I doing the right thing or is there another solution that would be
> > better?
> > - Marc
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: james-user-help@jakarta.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
Re: A question of ethics
Posted by bill parducci <bi...@parducci.net>.
my experience is that the best course of action is to dump unwanted
mail. your current solution only adds to the problem.
b
Marc de Oliveira wrote:
> This might be a little off topic but here goes:
> My deoliveira.dk domain has just been used as the return address by a
> spammer so that hundrets of "user unknown", "Delivery has failed" etc mails
> are currently streaming into my mailbox. Each mail is for a different user
> in my domain, like wwe5a4eae@deoliveira.dk or qweoi3498qw@deoliveira.dk etc
> I have now decided to consider every mail to my deoliveira.dk domain to be a
> spam mail except if the user name is one of the ones I use (like
> marc@deoliveira.dk, ebay@deoliveira.dk etc).
> I am still conserned that someone could be trying to reach me on an address
> that I have not specified in the James configuration file so rather than
> just sending all mails to unknown users directly to "Null" I have decided to
> use a "NotifySender" mailet that explains that I am no longer using the used
> mail address and that the sender should use another mail address to reach
> me. Obviously I don't tell which address to use instead because many of
> these mails might go to spammers.
> The consquence of doing this is that all the poor souls that have been
> spammed with my address will get even more mails when they reply to what
> they think is a spammer. Same thing happens to all the mail servers that
> reply with "user unknown" "unable to deliver" etc.
> Am I doing the right thing or is there another solution that would be
> better?
> - Marc
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: james-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org
RE: A question of ethics
Posted by "Noel J. Bergman" <no...@devtech.com>.
> My deoliveira.dk domain has just been used as the return address by a
> spammer
No surprise. Wait until you see a spammer sending e-mail from
Marc@deOliveira.dk. There is absolutely nothing to prevent them from doing
so, until we start to make digital signatures a defacto requirement for
e-mail. In fact, the way that some of the spambots work, the address
harvesters know which addresses are associated with other addresses, so it
is likely that you will get spam purporting to be from someone you know, but
upon checking the headers, you will discover that it came via another route.
--- Noel
---------------------------------------------------------------------
To unsubscribe, e-mail: james-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: james-user-help@jakarta.apache.org