O.T. question - how to deal with choicemail c/r spam

Ken A ka at pacific.net
Fri Oct 26 17:03:58 IST 2007 

Alex Neuman van der Hans wrote:
> If there is *any* way of parsing *anything* on the message, let us know. 
> Someone could write an MCP rule so you could probably quarantine (or 
> just "get rid of") all that choicemail and other C/R crap.


The "X-ChoiceMail-Registration-Request" header is present in choicemail 
auto-responses, so an SA rule is easy. However, I'm leaning towards 
using milter-regex to reject rather than quarantine. I don't want anyone 
to think they can whitelist this junk.

Ken

> 
> Ken A wrote:
>> Hugo van der Kooij wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Ken A wrote:
>>>> How do you all deal with this C/R stuff, when it's one of your 
>>>> customers
>>>> using it?
>>>>
>>>> Choicemail is some kind of outlook plugin that bounces back all mail -
>>>> doing the usual C/R thing - but directly from the MUA.
>>>>
>>>> I guess it's time to re-write the anti-spam policy one more time to 
>>>> rule
>>>> out any kind of spam bouncing.
>>>>
>>>> How have you dealt with this? Do you filter outgoing mail that is from
>>>> this sort of software (choicemail, mailwasher, etc..) ?
>>>
>>> MUA's are suposed to talk to the MTA's only. Anything else and the
>>> firewall gets real cranky.
>>>
>>
>> good firewalls make good neighbors, yes.. I guess I didn't explain it 
>> properly. choicemail is a plugin or add-on that simply auto-responds 
>> to all email with a challenge that directs senders to a link on the 
>> choicemail website. The mail goes out through the MTA (us). But this 
>> this is a different architecture than other C/R systems that are 
>> responsible for their own outgoing mail. Instead of a proxy, or a 
>> separate MX that filters and does the C/R, WE ARE NOW sending this 
>> junk out through our MTAs.
>>
>> So, we're putting a stop to it, but I just wondered if anyone out 
>> there had experienced the crossfire of choicemail or other crapware 
>> that auto bounces everything or nearly everything, and what you did to 
>> deal with it.
>>
>> Ken
>>
>>
>>> Hugo.
>>>
>>> - --
>>> hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
>>> PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
>>>
>>>     A: Yes.
>>>     >Q: Are you sure?
>>>     >>A: Because it reverses the logical flow of conversation.
>>>     >>>Q: Why is top posting frowned upon?
>>>
>>> Bored? Click on http://spamornot.org/ and rate those images.
>>>
>>> -----BEGIN PGP SIGNATURE-----
>>> Version: GnuPG v1.4.7 (GNU/Linux)
>>>
>>> iD8DBQFHIYAqBvzDRVjxmYERArZrAKCCBwVS26KkacGJxFcyE2xlLhk2qgCfTt0q
>>> 1NxQqWaSiobLFWn8n5s9s5g=
>>> =HrjW
>>> -----END PGP SIGNATURE-----
>>
>>
> 


-- 
Ken Anderson
Pacific.Net

More information about the MailScanner mailing list