[Dshield] Exchange Open Relay

Christophe Rome asrgchr at yahoo.com
Fri Mar 3 10:30:19 GMT 2006


--- DigitalNation <dshield at digitalnation.ca> wrote:

> *Example of how to get blacklisted and not be an
> open relay*
> 
> You can get on the DNSBL by having too many "out of
> office" responders in
> place. SPAMCOP advises that mail-admins turn off
> that feature....I know this
> because it happened to us last month.
> 
> ------------------
> M. McBride
> Security Admin
> DigitalNation
> Vancouver, Canada
>  
Hmm, I must say your message sent down some shivers
down my spine. Excuse me if the expression is not
correct but english is not my native language.

Anyway, after reading your message I checked SPAMCOP's
site and read the article entitled 'Why are
autoresponders bad?'.

http://www.spamcop.net/fom-serve/cache/329.html

I must say I'm pretty impressed. It appears our
mailservers currently risk of being blacklisted just
because we have some sort of auto responding
mechanisms enabled (out-of-office replies,
autoresponses from individual users, ...) or bounce
back undeliverable messages.

I would like to know the weight of this article.
Should I really care and start crafting an advice to
my users telling them we need to stop sending
out-of-offices to the outside (yes, we debated on this
before and they really hold on to it) and that we need
to stop bouncing undeliverables? 

Furthermore, in the case you still do want to send
bounces to the legitimate senders, SPAMCOP advises the
use of SPF or Domain Keys. Personally I don't think
the value of these mechanisms is pretty high for the
moment. I'm sure 90% of our legitimate email senders
don't have these systems in place.

Some reactions would be welcome... Who has configured
his mailsystems in accordance to the rules stated in
this article?

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the list mailing list