[GRLUG] Email overload

George (Skip) VerDuin verduin at ameritech.net
Thu May 1 12:32:58 EDT 2008


Very pertinent topic, Collin.

On Wed, 2008-04-30 at 15:37 -0400, Collin wrote:
> This is sort of off topic but sort of on topic...
I'm sorry -- I see nothing off topic in your post, and I see many good
thoughts in the thread posted prior to mine.

> 
> I'm getting hundreds upon hundreds of bounce messages from all over the 
> world today. Someone used our email domain as the sender address for not 
> so nice emails (they didn't use our server they just claim to be us). >>SNIP<<
It seems your experience is shared by many of us and our interests are
to protect ourselves from such abuse in the absence of (or the
ineptitude of) protection from others.  The issue you put before us is
tantamount to identity theft, a hard-to-enforce felony-level statute.
It also seems to be a two-pronged question of:
a) Discovery
b) Propagation

A) Discovery of email address:
In order for our information to be used by others, it must be ferreted
out by people with either good or bad intentions.  Whatever we do to
protect ourselves from mal-use, it must not disadvantage good-use.

One practice is to obfuscate email addresses on web sites.  For example:
grlug at grlug.org becomes "grlug at grlug dot org", now simple robots pass
over such text and come away empty handed.  I have the desire to learn
more tactics from GRLUG that allow me to put myself out there on the web
with some safety.

B) Propagation of mal intent:
In order for us to blunt the effects of mis-use of our information, we
might need to be proactive at shutting down distribution.  Our present
tools include firewalls and spam filters.  I find it good practice to
shut down abuse, but bad practice to stop at protection and not be
proactive at prevention because inaction is a self defeating
proposition.

One filter put forward, grey-listing and SPF, I find interesting.  Like
all solutions, isn't there a price?  For example, to shut down
"undeliverable" now disadvantages legitimate users who mis-spell an
address on valid mail from an organization?  Curious minds...? 

C) What to do later today and tomorrow:
I guess LWN needs to go into my regular reading?  While I can repent, I
also struggle to find the time for information overload...  But perhaps
there is opportunity in this: consultant on the topic, service provider
upstream of the reader, IPv6, SMTP "from" validated against IP address,
email delivery "stamp" with associated cost, giving no quarter at any
ISP with lax attitude (and that might include blacklisting mail from his
domain)...

I find the comments of practiced experts who chide poorly done firewalls
amusing but not very instructional.  My desire is to feel safe so I can
sleep soundly, and feel participative so tomorrow might be a better day
than today.  Casey -- for GRLUG meeting would you consider a round table
on this subject?  I'd love to take notes and post them on wiki.


Warmest regards from here,
George
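
The trade-off raised under B), sketched as an added example that is not part of the original post: rather than dropping every "undeliverable" notice, outbound mail carries a signed envelope sender in the style of Bounce Address Tag Validation (BATV), so a bounce for a genuinely mistyped recipient is still accepted while bounces for forged mail are refused. The key, the 7-day window, the function names and the sample addresses are assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # constructed value; keep a real key private
MAX_AGE_DAYS = 7                  # assumed window in which a bounce may return


def _tag(day: int, addr: str) -> str:
    """First 6 hex digits of HMAC-SHA1 over the expiry day and the address."""
    msg = f"{day:03d}{addr.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha1).hexdigest()[:6]


def sign_sender(addr: str, today: int) -> str:
    """Envelope sender for outbound mail: prvs=<key digit><day><tag>=<addr>."""
    day = (today + MAX_AGE_DAYS) % 1000
    return f"prvs=0{day:03d}{_tag(day, addr)}={addr}"


def classify_bounce(mail_from: str, rcpt_to: str, today: int) -> str:
    """Decide what to do with an inbound message at RCPT time."""
    if mail_from not in ("", "<>"):
        return "not-a-bounce"          # ordinary mail, other filters apply
    if not rcpt_to.startswith("prvs="):
        return "reject"                # bounce for mail we never sent
    tagval, sep, addr = rcpt_to[5:].partition("=")
    if not sep or len(tagval) != 10 or not tagval[1:4].isdecimal():
        return "reject"                # malformed tag
    day = int(tagval[1:4])
    if not hmac.compare_digest(tagval[4:].encode(), _tag(day, addr).encode()):
        return "reject"                # forged or altered tag
    if (day - today) % 1000 > MAX_AGE_DAYS:
        return "reject"                # tag expired, possible replay
    return "accept"                    # genuine bounce, e.g. a mistyped recipient


if __name__ == "__main__":
    today = 14001                      # constructed day number (days since 1970)
    signed = sign_sender("collin@example.org", today)
    print(classify_bounce("<>", signed, today))                # accept
    print(classify_bounce("<>", "collin@example.org", today))  # reject
```

The check only helps for mail that leaves through the signing server; bounces that arrive from other sites are still refused at the door rather than silently discarded, so a legitimate remote sender is not left guessing.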