I realize my blog doesn't get a whole lot of traffic, but I would like to post this plea to anyone who administers a legitimate mail server that sends email.
Spam sucks. Those of us who run email servers are involved in a constant struggle against the forces of evil. Personally, I run a postfix email server, and I have enabled a series of checks to validate incoming requests. Since turning these on, the signal-to-noise ratio of incoming email is quite high. One of these checks is hostname lookup. My server, when it receives a request from some machine, must be able to find the name of that machine before it will accept email. A failure appears in the mail.log like so (I get a few dozen or so of these per day):
postfix/smtpd[9739]: NOQUEUE: reject: RCPT from unknown[www.xxx.yyy.zzz]: 450 Client host rejected: cannot find your hostname, [www.xxx.yyy.zzz]; from=<spammer@bogusdomain.nul> to=<someaddress@mydomain.nul> proto=ESMTP helo=<another.fakedomain.nul>
Recently, though, it seems there have been some community sites in which I have been interested, but when I try to sign up for them, I can't get the confirmation email (which is often the key to participation). If it was just one or two, I could accept it and move on, but there have been several in recent memory. When I check the mail.log, I can find these attempts with the above error.
While I could turn off this spam trap, or add exceptions for every site from which I want email, I find this unacceptable. There should be no reason for having to go through a configuration change to open myself to spamming, or make individual config changes for every site -- especially when this can be avoided by administrators being responsible for proper configurations. There's a reason this rule exists built-in to my mail server -- because it's a good practice to follow, and it's a practice that spammers are likely to break.
So, if you run a mail server, please make sure your outgoing email server identifies itself appropriately. It's for the common good, after all.
No comments:
Post a Comment