Slashdot Mirror

Oh, c'mon, that's covered in RFC1918, isn't it? I didn't even have to look the number up. Step One was observe the standards.

The real problem is 800 lb gorillas who ignore and subvert Internet standards for competitive advantage, and the ITU is not exactly set up to chastise that sort of actor. These are the people who gave us X.500, for chrissakes! If there's anybody less trustworthy than the US government it would be a consortium of telecommunications giants.

Oh, c'mon, that's covered in RFC1918, isn't it? I didn't even have to look the number up. Step One was observe the standards.

The real problem is 800 lb gorillas who ignore and subvert Internet standards for competitive advantage, and the ITU is not exactly set up to chastise that sort of actor. These are the people who gave us X.500, for chrissakes! If there's anybody less trustworthy than the US government it would be a consortium of telecommunications giants.

Just so everybody knows, you can always report problems like this at RFC-ignorant.org.

Perhaps what we need is an RFC hall-of-shame... when we find websites that don't support the +, add their domain name to the roster.

Like rfc-ignorant.org?

Although I agree that publishing an address of 127.0.0.1 would be far more considerate and equally simple, you shouldn't propagate the myth that RBLs "block email". They don't. That's a false statement that is used by spammers and other criminals to justify attacking advisory services such as RBLs. Sometimes judges fall for this tactic and we all suffer when criminals and spammers get judges on their side.

Except in extreme cases (like Comcast's cable network) only mail administrators and their systems block email, although they can choose to use RBLs to advise them of what to block. If a person chooses poorly from the many people and organizations that offer advice, that is a MAIL ADMINISTRATOR FAILING AT HIS OR HER JOB. If a site chooses not to have a mail administrator yet allows outside blacklists to be used (to reject, rather than as part of a weighting scheme a'la SpamAssassin) then that site has FAILED. It's not the RBL's fault. You wouldn't blame Sony if I rigged up an Aibo to drive my car and it drove through your house, you'd blame me for being a moron, and sites that have unadministrated mailservers have made a similarly stupid decision.

We're supposedly computer geeks around here. We shouldn't propagate myths like "RBLs block emails" or "it's OK to have a mailserver with no postmaster". The RFCs require a postmaster. Postmasters choose how to filter mail.

here's the bl's that i am using with sendmail that would go into your siteconfig.mc file -- that through trial and error -- i have found have zero false positive hit rate... n.b. that the XXX.r.mail-abuse.com (RBL) & XXX.q.mail-abuse.com (QIL) bl's require that you to have a subscription to Trend Micro Advanced Email Reputation Services at http://us.trendmicro.com/us/products/enterprise/ne twork-reputation-services/index.html -- you can get a free trial at https://nssg.trendmicro.com/download/trial/trial-s ervices.php?id=66 --
make sure you select "Email Reputation Services, Advanced". you would then replace the "XXX" in the below with the activation code they would send you:

FEATURE(dnsbl, `XXX.r.mail-abuse.com.', `"550 Mail from " $&{client_addr} " BLOCKED/RBL; see http://www.mail-abuse.com/cgi-bin/lookup?ip_addres s=" $&{client_addr}')

FEATURE(dnsbl, `zen.spamhaus.org.', `"550 Mail from " $&{client_addr} " BLOCKED/ZEN; see http://www.spamhaus.org/query/bl?ip=" $&{client_addr}')

FEATURE(dnsbl, `bhnc.njabl.org.', `"550 Mail from " $&{client_addr} " BLOCKED/BHNC; see http://www.njabl.org/lookup?" $&{client_addr}')

FEATURE(dnsbl, `bl.spamcop.net.', `"550 Mail from " $&{client_addr} " BLOCKED/COP; see http://www.spamcop.net/w3m?action=checkblock&ip=" $&{client_addr}')

FEATURE(dnsbl, `list.dsbl.org.', `"550 Mail from " $&{client_addr} " BLOCKED/DSBL; see http://www.dsbl.org/listing?" $&{client_addr}')

FEATURE(rhsbl, `dsn.rfc-ignorant.org.',`"550 Mail from domain " $`'&{RHS} " BLOCKED/DSN; MX of domain dose not accept bounces in violation of RFC 821/2505/2821, see http://www.rfc-ignorant.org/tools/lookup.php?domai n=" $`'&{RHS}')

FEATURE(rhsbl, `bogusmx.rfc-ignorant.org.',`"550 Mail from domain " $`'&{RHS} " BLOCKED/BMX; MX of domain contains bogus address information in violation of RFC 1035/3330, see http://www.rfc-ignorant.org/tools/lookup.php?domai n=" $`'&{RHS}')

FEATURE(dnsbl, `XXX.q.mail-abuse.com.', `"450 Mail from " $&{client_addr} " BLOCKED/QIL; see http://www.mail-abuse.com/cgi-bin/lookup?ip_addres s=" $&{client_addr}')

FEATURE(dnsbl, `safe.dnsbl.sorbs.net.', `"450 Mail from " $&{client_addr} " BLOCKED/SAFE; see http://www.dnsbl.sorbs.net/lookup.shtml?" $&{client_addr}')

i also use the http://hcpnet.free.fr/milter-greylist greylisting package as well as spamassassin with some custom score tweaks available at http://iconia.com/user_prefs. all this keeps my mailbox as well as other users at a college radio station and a commercial asp with lots of public email addresses on their respective websites relatively spam free.

respectfully submitted,
geoff goodfellow

here's the bl's that i am using with sendmail that would go into your siteconfig.mc file -- that through trial and error -- i have found have zero false positive hit rate... n.b. that the XXX.r.mail-abuse.com (RBL) & XXX.q.mail-abuse.com (QIL) bl's require that you to have a subscription to Trend Micro Advanced Email Reputation Services at http://us.trendmicro.com/us/products/enterprise/ne twork-reputation-services/index.html -- you can get a free trial at https://nssg.trendmicro.com/download/trial/trial-s ervices.php?id=66 --
make sure you select "Email Reputation Services, Advanced". you would then replace the "XXX" in the below with the activation code they would send you:

FEATURE(dnsbl, `XXX.r.mail-abuse.com.', `"550 Mail from " $&{client_addr} " BLOCKED/RBL; see http://www.mail-abuse.com/cgi-bin/lookup?ip_addres s=" $&{client_addr}')

FEATURE(dnsbl, `zen.spamhaus.org.', `"550 Mail from " $&{client_addr} " BLOCKED/ZEN; see http://www.spamhaus.org/query/bl?ip=" $&{client_addr}')

FEATURE(dnsbl, `bhnc.njabl.org.', `"550 Mail from " $&{client_addr} " BLOCKED/BHNC; see http://www.njabl.org/lookup?" $&{client_addr}')

FEATURE(dnsbl, `bl.spamcop.net.', `"550 Mail from " $&{client_addr} " BLOCKED/COP; see http://www.spamcop.net/w3m?action=checkblock&ip=" $&{client_addr}')

FEATURE(dnsbl, `list.dsbl.org.', `"550 Mail from " $&{client_addr} " BLOCKED/DSBL; see http://www.dsbl.org/listing?" $&{client_addr}')

FEATURE(rhsbl, `dsn.rfc-ignorant.org.',`"550 Mail from domain " $`'&{RHS} " BLOCKED/DSN; MX of domain dose not accept bounces in violation of RFC 821/2505/2821, see http://www.rfc-ignorant.org/tools/lookup.php?domai n=" $`'&{RHS}')

FEATURE(rhsbl, `bogusmx.rfc-ignorant.org.',`"550 Mail from domain " $`'&{RHS} " BLOCKED/BMX; MX of domain contains bogus address information in violation of RFC 1035/3330, see http://www.rfc-ignorant.org/tools/lookup.php?domai n=" $`'&{RHS}')

FEATURE(dnsbl, `XXX.q.mail-abuse.com.', `"450 Mail from " $&{client_addr} " BLOCKED/QIL; see http://www.mail-abuse.com/cgi-bin/lookup?ip_addres s=" $&{client_addr}')

FEATURE(dnsbl, `safe.dnsbl.sorbs.net.', `"450 Mail from " $&{client_addr} " BLOCKED/SAFE; see http://www.dnsbl.sorbs.net/lookup.shtml?" $&{client_addr}')

i also use the http://hcpnet.free.fr/milter-greylist greylisting package as well as spamassassin with some custom score tweaks available at http://iconia.com/user_prefs. all this keeps my mailbox as well as other users at a college radio station and a commercial asp with lots of public email addresses on their respective websites relatively spam free.

respectfully submitted,
geoff goodfellow

Just to clarify, sending back an auto-reply that says "Hi, thanks for writing to postmaster@foo.com; we don't bother to monitor this account, so your message has been deleted," doesn't make you RFC2821 compliant. (Not implying that you thought that, just wanted to make sure everyone is clear.)

Auto-replies that confirm that a message has been received are OK ("Hi, thanks for writing to postmaster@foo.com; your message was received and will be dealt with by a staff member"), but only if there's eventually some followup. The RFC is pretty clear that the abuse and postmaster addresses should be monitored by a person; everything else is just optional window dressing.

Microsoft just blackholes both of those addresses. I've never gotten any further messages from them in response to any of the spam I've ever forwarded their way, but I suppose it's possible, or was possible at one point, that they were looking at it. But I've never gotten jack from them, and they're on the rfc-ignorant.org shitlist. (Which is a tremendously easy shitlist to get removed from, so I doubt it's in error.) What Hotmail/MS would like you to do is apparently go to some page on their site that relates to spam, but I've never visited.

Yahoo is likewise on the rfc-ignorant list, although they apparently just bounce with a "552 mail size or count over quota" error; although I think I've sent them stuff and not gotten a bounce message of any kind. (So either they're reading it and just haven't bothered to click the link to get themselves off the rfc-ignorant list, or they blackhole incoming messages silently, which would be very evil.)

Interestingly, Gmail.com and Google.com are not on the list, and neither is hushmail.com, aim.com, or inbox.com, although Lycos and its subdomains (I didn't even know they were still in business) are.

One of the (many) things I hate about Hotmail is that Microsoft blatantly ignores anything sent to its postmaster and abuse addresses, so there's really no way to notify them of spam being spewed from their system. In fact, if you send a message to postmaster@hotmail.com, they send back a pretty snarky response telling you that nobody reads it.

What a cesspool. Hotmail has always been the ghetto of the internet, but now it's clear that it's infested with criminals, as well as just the technologically illiterate.

Time to blackhole it.

A lot of the RBL's reference each other. So adding more then 2 or 3 usually is redundant.

I've had GREAT results with them.

http://rfc-ignorant.org/ has been a great one for me.

Anonymous Yahoo! Employee: We do have teams of people who work to fight any abuse of any of our products.

Unblock and properly 'man' abuse@yahoo.com and abuse@yahoo-inc.com then we'll talk about stopping user wrongdoing at Yahoo!

Proof from rfc-ignorant.org:

http://www.rfc-ignorant.org/tools/detail.php?domai n=yahoo.com&submitted=1123294881&table=abuse

http://www.rfc-ignorant.org/tools/detail.php?domai n=yahoo-inc.com&submitted=1123294118&table=abuse

You corporate tool... :P

As are about all gainfully/legally employed people [like myself at the moment] not gainfully/legally self-employed... =/

If you are 100% self-employed, count your blessings -- you've escaped the 'rat race' that saps the vitality of mankind everywhere in the name of 'increased corporate profit'....

Anonymous Yahoo! Employee: We do have teams of people who work to fight any abuse of any of our products.

Unblock and properly 'man' abuse@yahoo.com and abuse@yahoo-inc.com then we'll talk about stopping user wrongdoing at Yahoo!

Proof from rfc-ignorant.org:

http://www.rfc-ignorant.org/tools/detail.php?domai n=yahoo.com&submitted=1123294881&table=abuse

http://www.rfc-ignorant.org/tools/detail.php?domai n=yahoo-inc.com&submitted=1123294118&table=abuse

You corporate tool... :P

As are about all gainfully/legally employed people [like myself at the moment] not gainfully/legally self-employed... =/

If you are 100% self-employed, count your blessings -- you've escaped the 'rat race' that saps the vitality of mankind everywhere in the name of 'increased corporate profit'....

+OK 891 octets
Return-Path: spamvic@0451.com
Received: from admin-fd611d5fa (unknown [202.138.168.92])
    by mx2.hotpop.com (Postfix) with ESMTP
    id 16BCB39234E0; Wed, 12 Jul 2006 13:30:11 +0000 (UTC)
Date: Thu, 13 Jul 2006 05:25:31 +0480
From: "Russell Ayers" spamvic2@0451.com
X-Mailer: The Bat! (v3.0.0.15) Educational
Reply-To: "Russell Ayers" spamvic2@0451.com
X-Priority: 3 (Normal)
Message-ID: 589298365.20060713052531@0451.com
To: spamvic@hotpop.com
Subject: (CF13-SMTP [SpamByte=000:]) 1YR
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-HotPOP-Delivered-To: iamcf13@hotpop.com
X-MTA: CF13-SMTP(TM) / CF13-POP3(TM) http://www.cf13.com/
X-CF13-SMTP-ID-Message: 20060712121326.CF13-POP3@254.168.168.192.in-addr.a rpa
 
    He didn't answer. The water was making a lot of noise.
demonstrating love was to give something of the truth that he had seen to
returned my pass, and said without any of the niceties:
pure Outlaw, if that's the way they want it. And I'll make them so
.

No shit?

Even though I think their decision to charge $ in this way it a bad choice, it's not my threshold of blocking them (AOL). When AOL stops reading email sent to abuse@aol.com (which they occassionally have done), I'll be blocking them for that. Right now, I get _very_ little spam sourcing from AOL, so I haven't had to test that address recently. (It's currently not listed in the RFCi DNSbl.)

Yet another example of big Companies ignoring internet standards.

http://www.rfc-ignorant.org/policy-abuse.php

Um, no.

The reserved mailbox name may be used in a RCPT command "postmaster" without domain qualification see section 4.1.1.3) and MUST be accepted if so used.

So. What this means is that someone can do "RCPT TO:<postmaster>" instead of "RCPT TO:<postmaster@example.com>" and you must accept the SYNTAX of "postmaster" without the domain qualification. It does not mean that you have to accept the entire transaction, or even the command.

Furthermore, even if you DO misread that statement into saying that I MUST accept RCPT commands addressed to postmaster, I can STILL reject the HELO, MAIL From: and DATA parts "for policy reasons". Reading section 3.3 in the paragraph after MAIL FROM:, you will also read that I can optionally delay rejecting the senders address until after I look at where he wants to send it TO. This means that I can accept Mail From, then reject it at RCPT time if I so choose based on local policy.

Let's go one further. Let's say I use a local blacklist to populate a firewall rule. You can't even TALK to my mail server. Does THIS still violate the (misinterpreted version of the) RFC?

You can't read each sentance of the RFC and interpret them individually. You need to read the whole thing to understand what they say. Context is VERY important. Basically, local policy decisions can override just about everything. Nobody is "forced" by the RFC's to do anything.

Read up on the rfc-ignorant.org postmaster policy and maybe you will realize that even the RFC anal people understand that it's OK to reject mail to postmaster for policy reasons.

AOL had a great process for getting whitelisted with them- they checked that you were legit, that your mail servers handled bounces correctly, and that your systems were rfc whatever compliant.

AOL is *STILL* RFC ignorant!

(Unless abuse@aol.com is working properly again like it should....)

If the offending domain is on file at rfc-ignorant.org, sending an abuse report to them is a waste of time and resources.

Blacklist the offenders instead. (which includes major players like aol.com, rr.com, and comcast.net)

When enough people complain and 'jump ship' at the blacklisted domains, the income lost will motivate the 'powers that be' there to address the situation properly or else they will eventually go out of business.

Actually, I take that back. I will respond to your reply with a point and a request. First the point. Spam far pre-dated that 1997 RFC. Apparently you weren't using email until after 1997. Secondly the request. Please submit your domains to RFC-I so we responsible administrators can easily distinguish your domains from those with responsible administrators. If as you say you have no problem with people blacklisting you then you should have no problem submitting your domains. Let me make it even easier for you. Here is the link to postmaster @ yourdomain. Here is the link to abuse @ yourdomain. Good bye.

Actually, I take that back. I will respond to your reply with a point and a request. First the point. Spam far pre-dated that 1997 RFC. Apparently you weren't using email until after 1997. Secondly the request. Please submit your domains to RFC-I so we responsible administrators can easily distinguish your domains from those with responsible administrators. If as you say you have no problem with people blacklisting you then you should have no problem submitting your domains. Let me make it even easier for you. Here is the link to postmaster @ yourdomain. Here is the link to abuse @ yourdomain. Good bye.

Since your link is not actually a blacklist [...]

It is not?

Since your link is not actually a blacklist [...]

It is not?

Moderators, please moderate the parent down for being a fool giving fool's advice.

Make sure addresses like postmaster@ and abuse@ work. They're unlikely to get spammed, but may well receive important messages.

postmaster@ is actually required by rfc2821, btw.

As for the subject of the discussion; my catch-all addresses have been fine, but YMMV. If I was that worried about dictionary attacks, but still wanted the ability to give a new address out to each company, I'd do something like *-signup@mydomain or *@signup.mydomain or similar, but you might not have that level of control (in which case I'd recommend finding somewhere better to host your email, but *shrug*).

It could be that 66.35.250.206 which is lists.sourceforge.net (which makes sense) is a firewall machine or load balancer that all the outgoing mail goes out through and that the name is different because if someone sends incoming connections it takes a different pathway, I am not sure. I think there are just too many different firewalling and load balancing methodologies for the reverse thing to ever work consistently.

If you want to try to get admins to pay more attention to overall configuration issues and screen out those who don't follow certain RFC rules then check out RFC Ignorant
I find that domains that refuse to create and respond to proper admin addresses are people who tend to fluant other rules and netiquette. The bogusmx list is especially telling because pure spam domains sometimes will list bogus MX records.

What about using the OpenBSD spamd with greylisting to greylist everything that isn't known to fight back, when it finds an actual spammer, spamd ties up the spammer's or zombies connections (by only return one character per second) without using alot of your resources. Spammers don't make alot of noise about this because they don't want to bring attention to the only thing that is really effective as far as giving them some trouble - other than that guy who fills up their product website forms with fake credit card info Unsolic Commando. If these two techniques caught on, it could put a serious crimp in spammers easy lives.

This is where it is even scarier that spammers are "hooking up" with virus writers. Sure, it used to be the virus would just send copies of itself to your friends and family. But, now they're getting sophisticated enough to become open relays for spamming or even *hosting the website* that the spam points to (!).

You omitted an option. 2.5: peer policing. Other networks deciding they're not going to put up with your sh*t and drop your packets. Viz: SPEWS, SpamCop, Spamhaus, etc.

SPEWS listed over 9 million Comcast IP addresses a few weeks ago due to ongoing mishandling of network abuse (the entry reads "Poster child of how not to run a broadband network company". This may have had some impact.

I've been going rounds myself with an indivdual manning a /16 for which no postmaster or abuse record exists, and IP WHOIS contacts fail. He still doesn't seem to understand just why this is a problem. However several of the issues were cleared up after customer mail started being blocked by sites referencing RFC-Ignorant.

One discussion that's been going on is the creation of a DNSRBL for sites that do this.

Perhaps, however, instead of reinventing the wheel, we could use existing solutions; send a virus-infected email to postmaster@ the offending domain, and/or abuse@ the offending domain.

If you get a bounceback that makes it clear no human will see the message, that meets the criteria for submission to RFC-ignorant

Both AOL's and T-Online's abuse departments aren't that bad. If you know some people who work there and inform them directly about abuse, they'll react quickly and correctly.

What's wrong on both ISPs is the way abuse notifications are being handled officially, that is, if you don't know any people there and inform them via official addresses. abuse@aol.net seems to be equivalent with /dev/null - e. g. the German AOL abuse team won't ever see any emails sent to this address, and if they do, it's way too late. abuse@aol.de (which might be useful to reach them directly) doesn't exist, that's why aol.de is listed on rfc-ignorant.org.

T-Online has a slightly different problem. Their Whois records list "abuse@t-ipnet.de" for abuse notifications. A few days or even a week later you'll receive a message by T-IPnet Abuse, telling you that they just forwarded it to T-Online.

/.
DocSnyder.

Administrative Contact, Technical Contact:
VeriSign, Inc. (KISYRULTXO) vshostmaster@VERISIGN.COM
487 E MIDDLEFIELD RD
MOUNTAIN VIEW, CA 94043-4047
US
650-961-7500 fax: 650-961-8870

I guess that is the best place to complain...

I also noted that verisign was reported to RFC-ignorant.org

:-)

I'm not a Anonymous Coward, my name is Goran and I'm a Lazy Coward!

$ whois legend.co.uk

Domain Name:
legend.co.uk

Registrant:
The Legend Internet

Registrant's Agent:
Legend Internet LTD [Tag = LEGEND]
URL: http://www.legend.co.uk

Relevant Dates:
Last updated: 06-Feb-2002

Name servers listed in order:
ns1.legend.net.uk 212.69.226.1
ns2.legend.net.uk 212.187.157.218

WHOIS database last updated at 13:25:01 12-Sep-2003

Nominet, the registrar for all UK domains, has elected not to include any contact information addresses, phone number and e-mail) for domain-holders of .UK domains in violation of the spirit of RFC954

So, if a domain is misbehaving, where else should we send complaints other than the info which is available from the whois database? I think the whois.rfc-igorant.org database is going to grow a bit...

The real problem is large ISPs/backbones like UUNet/MCI, Cogent, Comcast, Level3, China Netcom, AT&T, Brasil Telecom, and Above.net (among others) who flat-out refuse to do anything about the spammers to whom they provide connectivity.

Complaints sent to any of them are promptly auto-acked and then /dev/nulled (if they don't bounce) and so the spammers keep on spamming, most likely due to ephemeral pink contracts and the crooked marketing/sales departments that agree to them, who then put pressure on abuse personel and network admins to ignore complaints about the contracted spammers.

Because of this, those large ISPs and backbones end up on blacklists, DNS blocklists, and a wide variety of other filters. For them, the money they make off the spammers seems to be of greater concern than the money they make off legitimate customers, i.e. those who end up with their netblocks on every blacklist because of who their providers are.

If it weren't for rogue ISPs and backbones, there would be little use for blacklists or blocklists. However, those reprehensible companies do exist. And because of their policies on spam, they continue to be blocked. Money gained from spammers guarantees the blacklists' continued existence.

It's all just cause and effect. As much as it sounds like a conspiracy theory, I truly believe that it isn't, after fighting spam, one email at a time, since 1997.

Or are they RFC ignorant. It would be a tragedy if we had to join the terrorists by blacklisting whitehouse.gov.

Heh, one would expect www.rfc-ignorant.org to be compliant with Internet standards. It's, however, not when it comes to HTML at least...

This isn't a customer support issue as much as it is a your-server-is-being-over-anal-and-you-probably-wa nt-to-know-about-it issue. Email postmaster@host, if that doesn't work, submit them to postmaster.rfc-ignorant.org and call their NOC.

After dozens of attempts to get AOL to implement the most rudimentary outgoing filters on their Email system, and getting ZERO response, I have regretfully informed our user base that we will no longer accept any Email emanating from any machine with an AOL.COM IP address.

They are breaking the rules of the Internet (see: SMTP RFCs) by improperly implementing postmaster@aol.com (see rfc-ignorant .orgfor details) and their mail relays have sent hundreds of viruses into my domain.

I have asked all AOL users at my site who wish to continue emailing their home addresses from work to get a new service provider and given them two months to do so. I have recommended several small local ISPs to them that I know provide good service and never allow easily detected virii like Yaha, Klez and SoBig to transit their mail hubs.

We, fellow slashdotters, can use our enormous power as administrators of email hubs to get AOL's attention - since it seems more civilized methods are useless. The social contract of the Internet is simple; play by the rules (i.e. implement the required RFCs) or you are not part of the community.

The best you can do is chase - legally if necessary - those who steal your work, and gain whatever compensation you can. Oh, and make sure that copyright is broadly proclaimed in the first instance, too.

No, the `bot shouldn't crawl past robots.txt (rfc-ignorant, anyone?). But, given that it does, the next best bet is to IP/domain/UA block it, and/or password protect (using whatever passwords you like, if it's meant to be somewhat viewable).

It's a simple, albeit should-be-unnecessary, rule. And yes, it's sad that there are unscrupulous people out there, but that's the way it is.

If you don't send or receive mail from your domain, the RFC doesn't apply. However, it is still a good idea to maintain a postmaster account -- spam spoofing (or viral spoofing a' la Klez, etc.) is sufficiently prevalent that your site may end up on blacklists...and if you ever do decide to run mail services, you may find few sites willing to peer with you.

The RFC-Ignorant site lists the relavent criteria for listing domains in violation of postmaster, abuse, whois, and other RFC requirements.

Any system that includes an SMTP server supporting mail relaying or delivery MUST support the reserved mailbox "postmaster" as a case-insensitive local name. This postmaster address is not strictly necessary if the server always returns 554 on connection opening (as described in section 3.1). The requirement to accept mail for postmaster implies that RCPT commands which specify a mailbox for postmaster at any of the domains for which the SMTP server provides mail service, as well as the special case of "RCPT TO:" (with no domain specification), MUST be supported.

SMTP systems are expected to make every reasonable effort to accept mail directed to Postmaster from any other system on the Internet. In extreme cases --such as to contain a denial of service attack or other breach of security-- an SMTP server may block mail directed to Postmaster. However, such arrangements SHOULD be narrowly tailored so as to avoid blocking messages which are not part of such attacks.

Slashdot's RFC-ignorant too.. Bounces abuse@ emails.

Accord to them, we therefore need to SMTP ban slashdot.org!

If only we could also have smtp bans for domains that don't have a valid abuse@ address.

Have you checked rfc-ignorant.org?

According to you do not comply with the RFCs that govern SMTP traffic.

By their definitions, auto-replying to your "postmaster@aol.com" account with machine-generated directions to mail some other address does not satisfy the requirements of RFC2821. And public statements that you will not answer messages sent to "postmaster@aol.com" is a clear violation of RFC2821 in anybody's book.

If AOL can't play by the rules, they should shut down their Internet gateways and go back to being a private service. AOL users are paying good money on the assumption that AOL will try to interface correctly with the rest of the world, rather than inventing their own rules.

I personally maintain the postmaster addresses for the corporate and private Email systems I administer, and I have far fewer staff and far less money than you do. If you can't handle the job, you should close up shop and find another business to be in. Whining about Slashdot bias when you are not following the RFCs just makes you look like a bunch of crybabies.

I realize this is OT, but with no human postmaster how was I supposed to talk to you about this?

Anybody who remains on the RFC-IGNORANT-POSTMASTER listings for as long as you have obviously isn't doing the job right. It's trivial to get off their list -- unless you are both incompetent and obnoxious.

Not accepting mail with a null from field is a violation of rfc 1123 specifically section 5.2.9. The from field is not the only way to bounce a message and if one of the other ways is specified in an already bounced message than rejecting mail with a null from can create a mail loop. This results in other people not accepting mail from people who don't accept mail with null froms.

The big thing is that email is one of the "killer apps" of the Internet. Any anti-Spam solution has to be universal. I do not see micropayments for email ever being universal. This would mean that every single ISP across the globe would have to go to it to truly work.

Why does it have to be universal? And why does every single ISP have to do it?

Let's look at existing anti-SPAM measures, like MAPS and RFC-Ignorant. As such businesses like to point out, they are not a filter or censor - they are merely a list which individuals and groups may choose to use to filter their email. The same is even more true at the MUA level, where individuals may or may not use or implement filtering (such as SpamAssassin Pro)

Also, the need for it is not universal, so why need the solution be? How much is your time worth? Would it be worth it to you to charge - and be charged - a miniscule amount to have a reasonably clear email stream? How about your mother? How about the CEO of your company? Different people have different thresholds of need, and different willingness to pay and/or inconvenience their correspondents.

Systems already exist which automate the process of kicking unknown sender's mail back with instructions on how to overcome the block - again, it's something individuals choose to use today, without killing the "universal" nature of email.

And you do not get to the real question: How is micropayments for email not a step backwards.

It is a given that the problem with SPAM is that it costs the sender nothing, and there is no market restraint upon it. Therefore, I took it as a given that some form of cost is involved in the solution. You take that as a backwards step. I don't neccessarily agree - but I retain the right not to send people email if I don't feel they are worth dropping .001 cents on.

Not everything that is free is good, and not everything which costs is bad.

(You also decided not to touch upon the issue that a lot of people have problems with PayPal, the example you decided to use - these types of problems are always going to arise when it comes to a universal system involving people's money)

Of course not - because such problems are not unique to the Internet or Micropayments, but have existed since Ogg first required Mog to exchange clam shells for food. It is a given that such a system will either be regulated or not, and will either be trustworthy or not. It is also a given that even with the best controls, someone somewhere will get scalped someday, because humans suck.

I applaud the US judical system for approving and using such laws in America, but the whole world isn't the USA. We need a world-trade law, perhaps mandated by the WTO, to prevent spammers from breeding.

It's been a long day -- I read this and had a mental picture of a law that required all spammers to use condoms.... ;)

On a more serious note, international law isn't up to dealing with spam and spammers yet, and I don't think it will be any time soon. It can't even deal with terrorism and terrorists effectively. :/

Of course, there's always relays.osirusoft [osirusoft.com] - a cross-referenced database of nearly all DNS blacklists.

Osirusoft is an excellent resource, but it doesn't contain anything even close to all of the available anti-spam blacklists. MAPS is pretty irrelevant these days, but don't forget the DSBL , Five-Ten-Sg , Monkeys.com , RFC-Ignorant , and Wirehub , all of which are publicly queryable and none of which are mirrored by Osirusoft.

There are a whole bunch of other blacklists out there, as well. Not all are well maintained and not all have consistent policies about which IP ranges or domains get listed and how a domain can be removed, though, so I stick to the established ones.

I wonder whether .gov will find itself listed in on rfc-ignorant for this.