Jimmy Hess wrote:
On Sat, Jul 30, 2011 at 7:57 AM, Michelle Sullivan <matthew@sorbs.net <mailto:matthew@sorbs.net>> wrote:
Rich Kulawiec wrote: > On Sat, Jul 30, 2011 at 01:45:52AM -0400, Dan Collins wrote: [snip]
later in the document, Webmaster@ is not in the required list. As per my previous email, the webservers (all of them) report another email
[snip]
I wouldn't fault SORBS for not supporting optional addresses such as webmaster@. I would fault SORBS for automatically listing someone e-mailing webmaster@ though, as implied above. Whether the actual RFC existed or not.
It's probably true that all the standard addresses are likely to be subject to abuse. info@ sure is.
However, they should not be listed without at least analyzing the content of the actual message. To decide if it is in fact abuse, OR if it's just a human failure, somebody attempting to contact an admin address/service that does not exist.
There mere act of attempting to contact multiple standard addresses alone, is certainly not proof of abuse.
A valid and well put argument. I don't know what we do with stuff to webmaster@ however I do know that it is possible that messages to it will go into the spamtrap system. (the spamtrap system has multiple entry points, and a mail going in does not guarentee a listing, but it is likely, especially if the message is repeated to multiple addresses and therefore is 'bulk'.) Michelle -- Vulnerabilities are weaknesses associated with an organisations assets that maybe exploited by a threat causing unwanted incidents. http://www.mhix.org/