I am sick of this gmail spam. Does anyone know a solution where I can do something like this: 1. received email from adcpni444 at gmail.com 2. system recognizes this email address has been 'whitelisted', continue with 7. 3. system recognizes as this email never been seen before 4. auto reply with something like (maybe with a wait time of x hours): Your message did not receive the final recipient. You are sending from a known spam provider network that is why we blocked your message. Please confirm that: - you are not a spammer and - you have permission to use the mail adress you send your message to - you and your provider agree to uphold GDPR legislation - you and your provider are liable for damages when breaching any of the above. Click link to confirm and you agree with the above https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf 5. sender clicks confirm url 6. email address is added to some white list. 7. email is delivered to recipient.
This is not a job for dovecot. You should look into whatever is your MTA (exim, postfix etc) and implement the solution there. But my initial suggestion is to check SPF and DKIM of the email. Because I know that gmail does terminate spammers quick, but if you don't validate SPF or DKIM, you might be a victim of spoofed Gmail email. Best regards, Sebastian Nielsen -----Ursprungligt meddelande----- Fr?n: dovecot-bounces at dovecot.org <dovecot-bounces at dovecot.org> F?r Marc Roos Skickat: den 11 juni 2020 10:21 Till: dovecot <dovecot at dovecot.org>; users <users at spamassassin.apache.org> ?mne: handling spam from gmail. I am sick of this gmail spam. Does anyone know a solution where I can do something like this: 1. received email from adcpni444 at gmail.com 2. system recognizes this email address has been 'whitelisted', continue with 7. 3. system recognizes as this email never been seen before 4. auto reply with something like (maybe with a wait time of x hours): Your message did not receive the final recipient. You are sending from a known spam provider network that is why we blocked your message. Please confirm that: - you are not a spammer and - you have permission to use the mail adress you send your message to - you and your provider agree to uphold GDPR legislation - you and your provider are liable for damages when breaching any of the above. Click link to confirm and you agree with the above https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf 5. sender clicks confirm url 6. email address is added to some white list. 7. email is delivered to recipient. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5249 bytes Desc: S/MIME Cryptographic Signature URL: <https://dovecot.org/pipermail/dovecot/attachments/20200611/89524123/attachment.p7s>
I know it is not dovecot who should fix this. But anyone using dovecot is using an MTA, and receiving spam ;) I know how to look at email headers. Spf and dkim is not solving anything here. -----Original Message----- From: Sebastian Nielsen [mailto:sebastian at sebbe.eu] Sent: donderdag 11 juni 2020 10:23 To: Marc Roos; 'dovecot'; 'users' Subject: SV: handling spam from gmail. This is not a job for dovecot. You should look into whatever is your MTA (exim, postfix etc) and implement the solution there. But my initial suggestion is to check SPF and DKIM of the email. Because I know that gmail does terminate spammers quick, but if you don't validate SPF or DKIM, you might be a victim of spoofed Gmail email. Best regards, Sebastian Nielsen -----Ursprungligt meddelande----- Fr?n: dovecot-bounces at dovecot.org <dovecot-bounces at dovecot.org> F?r Marc Roos Skickat: den 11 juni 2020 10:21 Till: dovecot <dovecot at dovecot.org>; users <users at spamassassin.apache.org> ?mne: handling spam from gmail. I am sick of this gmail spam. Does anyone know a solution where I can do something like this: 1. received email from adcpni444 at gmail.com 2. system recognizes this email address has been 'whitelisted', continue with 7. 3. system recognizes as this email never been seen before 4. auto reply with something like (maybe with a wait time of x hours): Your message did not receive the final recipient. You are sending from a known spam provider network that is why we blocked your message. Please confirm that: - you are not a spammer and - you have permission to use the mail adress you send your message to - you and your provider agree to uphold GDPR legislation - you and your provider are liable for damages when breaching any of the above. Click link to confirm and you agree with the above https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf 5. sender clicks confirm url 6. email address is added to some white list. 7. email is delivered to recipient.
On Thu, Jun 11, 2020 at 10:19:50AM +0200, Marc Roos wrote:> > > I am sick of this gmail spam. Does anyone know a solution where I can do > something like this: > > 1. received email from adcpni444 at gmail.com > 2. system recognizes this email address has been 'whitelisted', continue > with 7. > 3. system recognizes as this email never been seen before > 4. auto reply with something like (maybe with a wait time of x hours): > Your message did not receive the final recipient. You are sending > from a known spam provider > network that is why we blocked your message. Please confirm that: > - you are not a spammer and > - you have permission to use the mail adress you send your message to > - you and your provider agree to uphold GDPR legislation > - you and your provider are liable for damages when breaching any of > the above. > > > Click link to confirm and you agree with the above > https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf > > 5. sender clicks confirm url > 6. email address is added to some white list. > 7. email is delivered to recipient.If you do this rgularly enough, sending these messages to what are likely forged return addresses, you might just end up being classified as a spam sender yourself. -- hendrik> > > > >
Yes thanks, I know, however the criteria for putting emails into this procedure is a different subject. Just wondered what people are doing. -----Original Message----- To: dovecot at dovecot.org Subject: Re: handling spam from gmail. On Thu, Jun 11, 2020 at 10:19:50AM +0200, Marc Roos wrote:> > > I am sick of this gmail spam. Does anyone know a solution where I can > do something like this: > > 1. received email from adcpni444 at gmail.com 2. system recognizes this > email address has been 'whitelisted', continue with 7. > 3. system recognizes as this email never been seen before 4. auto > reply with something like (maybe with a wait time of x hours): > Your message did not receive the final recipient. You are sending > from a known spam provider > network that is why we blocked your message. Please confirm that: > - you are not a spammer and > - you have permission to use the mail adress you send your messageto> - you and your provider agree to uphold GDPR legislation > - you and your provider are liable for damages when breaching any > of the above. > > > Click link to confirm and you agree with the above > https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf > > 5. sender clicks confirm url > 6. email address is added to some white list. > 7. email is delivered to recipient.If you do this rgularly enough, sending these messages to what are likely forged return addresses, you might just end up being classified as a spam sender yourself. -- hendrik> > > > >
Wrong mailing list. You need to ask on the list for the MTA you are using (Sendmail, Postfix, &c). Actually, this sounds like a job for a custom milter, which would look at the domain name of the sending system, and reject the mail with your message. Dunno if there is one that works exactly like this. On 6/11/20 1:19 AM, Marc Roos wrote:> > > I am sick of this gmail spam. Does anyone know a solution where I can do > something like this: > > 1. received email from adcpni444 at gmail.com > 2. system recognizes this email address has been 'whitelisted', continue > with 7. > 3. system recognizes as this email never been seen before > 4. auto reply with something like (maybe with a wait time of x hours): > Your message did not receive the final recipient. You are sending > from a known spam provider > network that is why we blocked your message. Please confirm that: > - you are not a spammer and > - you have permission to use the mail adress you send your message to > - you and your provider agree to uphold GDPR legislation > - you and your provider are liable for damages when breaching any of > the above. > > > Click link to confirm and you agree with the above > https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf > > 5. sender clicks confirm url > 6. email address is added to some white list. > 7. email is delivered to recipient. > > > > >
Marc Roos wrote:> > > I am sick of this gmail spam. Does anyone know a solution where I can do > something like this: > > 1. received email from adcpni444 at gmail.com > 2. system recognizes this email address has been 'whitelisted', continue > with 7. > 3. system recognizes as this email never been seen before > 4. auto reply with something like (maybe with a wait time of x hours): > Your message did not receive the final recipient. You are sending > from a known spam provider > network that is why we blocked your message. Please confirm that: > - you are not a spammer and > - you have permission to use the mail adress you send your message to > - you and your provider agree to uphold GDPR legislation > - you and your provider are liable for damages when breaching any of > the above. > > > Click link to confirm and you agree with the above > https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf > > 5. sender clicks confirm url > 6. email address is added to some white list. > 7. email is delivered to recipient. >This seems similar to the long-dead Active Spam Killer (https://directory.fsf.org/wiki/Active_Spam_Killer) with updates for GDPR.
Am 11.06.2020 um 16:58 schrieb Richard Siddall:> Marc Roos wrote: >> >> >> I am sick of this gmail spam. Does anyone know a solution where I can do >> something like this: >> >> 1. received email from adcpni444 at gmail.com >> 2. system recognizes this email address has been 'whitelisted', continue >> with 7. >> 3. system recognizes as this email never been seen before >> 4. auto reply with something like (maybe with a wait time of x hours): >> ??? Your message did not receive the final recipient. You are sending >> from a known spam provider >> ??? network that is why we blocked your message. Please confirm that: >> ??? - you are not a spammer and >> ??? - you have permission to use the mail adress you send your message to >> ??? - you and your provider agree to uphold GDPR legislation >> ??? - you and your provider are liable for damages when breaching any of >> the above. >> >> ??? Click link to confirm and you agree with the above >> ??? https://www.domainwithoutletsencryptcertificate.com/asdfasdfadsfaf >> >> 5. sender clicks confirm url >> 6. email address is added to some white list. >> 7. email is delivered to recipient. >> > > This seems similar to the long-dead Active Spam Killer > (https://directory.fsf.org/wiki/Active_Spam_Killer) with updates for GDPR.The general name for such a system is challenge-response system. https://en.wikipedia.org/wiki/Challenge%E2%80%93response_spam_filtering There are enough reasons to discourage something like that. Alexander
* Marc Roos:> 3. system recognizes as this email never been seen before > 4. auto reply with something like (maybe with a wait time of x hours): > Your message did not receive the final recipient. You are sending > from a known spam providerGenerating backscatter is definitely not a good move, and it is even prone to punish yourself. Better to reject the offending message with a 5xx status code and some explanatory text or the URL. The various tests required to come to a decision about accepting or rejecting the message can be executed in a milter. Milter-regex, for example, is lightweight but still powerful enough to perform tests on combinations of various headers and the body content. Beyond that, a custom milter is always an option. -Ralph
> Wrong mailing list. You need to ask on the list for the MTA you are> using (Sendmail, Postfix, &c). Yes will ask soon at sendmail. > Actually, this sounds like a job for a custom milter, which would look > at the domain name of the sending system, and reject the mail with your > message. Dunno if there is one that works exactly like this. > I think also, I should have some contact coding milters. I think this could be ok for things like this spamhaus bad tld list or so.
On 2020-06-11 16:58, Richard Siddall wrote:> This seems similar to the long-dead Active Spam Killer > (https://directory.fsf.org/wiki/Active_Spam_Killer) with updates for > GDPR.http://www.paganini.net/ask/ dead projects
Am 11.06.2020 um 19:15 schrieb Ralph Seichter:> Generating backscatter is definitely not a good move, and it is even > prone to punish yourself. Better to reject the offending message with > a 5xx status code and some explanatory text or the URL. > > The various tests required to come to a decision about accepting or > rejecting the message can be executed in a milter. Milter-regex, for > example, is lightweight but still powerful enough to perform tests on > combinations of various headers and the body content. Beyond that, a > custom milter is always an option....and the body content... There exists one problem: at this stage of mail reception you have no body content nor header information on which a milter may perform deeper analysis, only envelope data. The SMTP specs itself allow failure codes after any command, even a 5xx after the DATA command. Hoever, many MTAs still ignore error response codes after DATA and take the mail as sent, so that most mail servers will perform any error indication before DATA, at latest after RCPT TO. So the server has to accept mail first before it can scan its header and/or body, and would send out DSNs on rejection at this stage, probably causing backscatter as well. I don't understand why this problem of ignoring data response codes even exists. It would be so much more practible to reject spam immediately after the body was scanned, i.e. after the DATA command, than to send out these DSNs. Or does this issue no longer exist these days? /andreas