Ebay Phishing

[Warren Block]

On Sun, 20 Mar 2005, Christopher Nehren wrote:

> On 2005-03-20, Warren Block scribbled these
> curious markings:
>> If you have your own mailserver, most of this can be rejected by using
>> greylisting or by rejecting mail from dynamic Comcast IP addresses,
>> while still allowing mail coming from Comcast's mail servers.
>
> Which is completely and totally unfair to those of us who *can* control
> our networks and who are more than likely being blamed for things that
> we aren't even doing (i.e. machines not on Comcast's network forging
> headers).

Spam from genuine Comcast dynamic IP addresses is a serious problem. 
If someone needs to receive email from Comcast dynamic addresses, 
greylisting has no more serious effect than delaying it by half an hour.

And the mailservers that Comcast provides for dynamic IP users can be 
whitelisted, so for users who smarthost through those servers there will 
be no delay or inconvenience at all.

(FreeBSD relevant: /usr/ports/mail/milter-greylist)

> DNS blacklisting is one of the most unfair methods of stopping
> spam.

This is quite a jump from greylisting.  I was thinking more of looking 
up the Comcast listings from blackholes.us and then adding them to 
/etc/mail/access.  It depends on the severity of the problem.

> It's a real pain in the neck for me to edit my Postfix
> configuration every time some pissy netadmin decides to blacklist a
> whole netblock because of one or two (ignorant) miscreants.

What do you have to edit?  If you're in Comcast dynamic space, why not 
just smarthost through their servers?

-Warren Block * Rapid City, South Dakota USA