[vox] spam question
Nick Schmalenberger
nick at schmalenberger.us
Tue Apr 15 15:46:55 PDT 2008
On Tue, Apr 15, 2008 at 12:47:52PM -0700, Cylar Z wrote:
> Hey all,
>
> As I'm sure is the case with many of you who run your
> own Internet-connected servers w/ Linux, I get a lot
> of spam relay attempts. I have configured my postfix
> to avoid the open relay problem and I have yet to see
> anything in the logs which suggests that any of these
> attempts have succeeded.
>
> I get an average of 3-4 failed spam attempts each day.
> The overwhelming majority come from China or Korea,
> though I do sometimes see other types of failed
> attacks (mod_proxy, etc) from Europe and other parts
> of the world.
>
> Sometimes I do a WHOIS on the originating IP address,
> and among other information it returns an email
> address along the lines of "report spam to
> abuse@<hostname>.com."
>
> My question: How often (or do you?) take the time to
> report spam relay, mod_proxy, or crack attempts to the
> address provided? And if you do complain, what exactly
> do you send them? A snippet of your log entry? Would
> there be any additional security concerns raised by
> providing the offending ISP with your own hostname or
> IP address?
>
> Or do you believe that the ISP's admin is himself
> responsible in many of these cases and that
> complaining would therefore be futile?
>
> Your thoughts, please.
>
> Thanks, Matt
>
I think this software
http://www.vipul.net/perl/sources/spamcontrol/ricochet/
does what you are talking about. I haven't used it myself or even heard
much about it lately, so I can't tell you how effective it is.
Apparently Bill Kendrick or Ryan Castellucci may have experience with
this:
http://www.lugod.org/mailinglists/archives/vox/2001-10/msg00092.html
http://www.lugod.org/mailinglists/archives/vox/2002-01/msg00001.html
Hope this helps.
Nick Schmalenberger
More information about the vox
mailing list