Subj : Re: sap/smtp interaction - wcsmtp build 451.7 To : All From : HECTOR SANTOS Date : Thu Jan 31 2019 19:18:36 Date: Mon, 01 May 2006 12:55:14 -0400 From: HECTOR SANTOS To: DAVE GOURD Subject: Re: sap/smtp interaction - wcsmtp build 451.7 Newsgroups: win.server.smtp.&.avs Message-ID: <1146502514.46.1146451518@winserver.com> References: <1146451518.46.1146428375@winserver.com> X-WcMsg-Attr: Rcvd X-Mailer: Wildcat! Interactive Net Server v7.0.454.5 Lines: 67 On 4/30/06 10:45 PM, DAVE GOURD wrote to HECTOR SANTOS: > I understand the 'bad practice' concept. I have never seen this before in all > the years running this. Have seen lots and lots of days where there were > dozens and dozens of blank entries in some sessions, but never with the > spammer being so intent as to go ahead and send the BS anyway after our > system politely says we don't want any. > > Maybe it happens a lot to others, I have just never seen it before; probably > wouldn't if I did not watch the smtptrace logs (or even have it active). It happens quite a bit. In fact, they are intent in finding systems that are not very strong in stopping it from being accepted. > Now I just have to figure out what to do about the criminals that are sending > spam out spoofing our domain! :( - thousands of false bounces coming in from > all over, 2d time they've joe job'd me this year already! > > Any suggestions? SPF record is in place (I think I got it set up right now), but > that is of little consolation with so many systems out there not in tune to the > process. Someone told me to get the FBI or feds involved, and get a lawyer > cause might be able to sue the rats, but this sounds like more trouble to me > than it (actually they, as in crooked spammers AND crooked lawyers - an > honest guy ain't got a chance it seems) would be worth. > > Thanks Hector, at least I know my WC isn't broke. Have another question but > in another post... You're not going to stop criminals. All you can do is protect yourself and hopefully others will be reading your SPF and they are protecting you too in their domains when they see your spoof coming in. SPF is the only standard we have and its only has hit a high 30% of the market. So as much and more add SPF, the better for all of us. I happen to believe WCSAP with all the combination of things it does, does as much as it can at the SMTP level to protect you. There are new standards being invented but we are a long way from finishing this and the way it looks, I wouln't hold my breath it will work well enough to make a difference. From a legal standard, in the US, if you prove harm to your system (including proof of increasing the cost of the operations and hardware to protect you) and I think the FBI has a $5,000 minimum before they even bother (it use to be $25K), then maybe you have a case. But you got to find them. The FBI will not look for them unless it was a national security issue. But if you know who they are, then you have laws on your side. But you have to protect yourself as much as you possibly can. Today, that will be the first thing the FBI or anyone will ask of you. In fact, in certain country, it will be begin to be considered malpractice if you don't. If your users are harm, well, they might put the blame on you for being negligent. We are not there yet in the US, but its a definitely a case waiting to happen. It all comes down to "harm" and the cost of the harm. No harm - no foul. That is pretty much how law and order behaves. HLS --- Platinum Xpress/Win/WINServer v3.1 * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013) .