What to do about brief text messages with misspelling?

Vernon Schryver vjs@calcite.rhyolite.com
Tue Jul 8 16:33:40 UTC 2008

> From: "John Levine" <johnl@iecc.com>
> To: "Gary Mills" <mills@cc.umanitoba.ca>

> > I had a complaint the other day from one of our users who is receiving
> > many stock pump spam messages.

> > What else can we do about this spam?  The sending computers are all
> > listed on the PBL, which we don't currently use.  Is this our only
> > hope?  I'm reluctant to use that blocklist because we have clients on
> > networks that are listed there.  Using it would force clients to use
> > authentication to send e-mail, generating complaints from legitimate
> > users.  Yes, we may even have legitimate users in Peru and Viet Nam.
> I'd bite the bullet, use the PBL, and get your Asian clients to fix their 
> configurations.  It's one time pain for long term benefit all around.

I agree with John, but a compromise might be to whitelist those clients
instead of getting them to change their configurations to use some
form of SMTP authentication.  Whitelisting might require more work on
the SMTP server side, but little or no work by the client.

If they can be whitelisted by IP address, perhaps their addresses
should not be in the PBL.  On the other hand, if their IP addresses
should be in the PBL, then either they are violating the terms and
conditions of their ISPs or they are likely sources of spam.

There is another possibility.  I've long wondered about changing the
DCC client code support for DNS blacklists to have two sets of blacklists.
Individual users can enable or disable DNSBL checks for their mail done
by dccm, dccifd, or dccproc.  If there were two sets with separate controls,
you could put the PBL into the second set and let that user enable it
for only that mailbox.  Would adding that complication be worthwhile?

Vernon Schryver    vjs@rhyolite.com

More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.