Handling spam in DSNs from other sites?

Furnish, Trever G TGFurnish at herffjones.com
Tue Jun 6 23:42:25 IST 2006


 

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Glenn Steen
> Sent: Tuesday, June 06, 2006 6:02 PM
> To: MailScanner discussion
> Subject: Re: Handling spam in DSNs from other sites?
> 
> On 06/06/06, Furnish, Trever G <TGFurnish at herffjones.com> wrote:
> > I have a feeling I'm missing an obvious answer, but what 
> does everyone 
> > suggest for handling DSNs from other sites (not mine) that include 
> > spam in the message?  

> Glenn Steen wrote:
> I'm sure others have other views, but ... why treat them any 
> different than any other mail? scan them, tag them, drop them....:-).
> If they are legitimate, they will pass MS/SA/AVs anyway.
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se

Thanks.  However, in many cases these are actually getting through.
Since the ip address of the sending server isn't the spammer and isn't
in the RBLs those checks aren't as helpful as they would've been for the
original message.

I tend to think these aren't being sent by a spammer who's identified a
particular server with the specific intention of using the DSN for
delivery, but rather just by a worm that's using my domain addresses as
the faked sender address.  If a specific server had been targeted, it'd
probably end up in a DNSBL.  SPF would help with the original message,
but of course it does nothing to help with the bounce.


More information about the MailScanner mailing list