E-Scribe : a programmer’s blog

About Me

PBX I'm Paul Bissex. I build web applications using open source software, especially Django. Started my career doing graphic design for newspapers and magazines in the '90s. Then wrote tech commentary and reviews for Wired, Salon, Chicago Tribune, and others you never heard of. Then I built operations software at a photography school. Then I helped big media serve 40 million pages a day. Then I worked on a translation services API doing millions of dollars of business. Now I'm building the core platform of a global startup accelerator. Feel free to email me.

Book

I co-wrote "Python Web Development with Django". It was the first book to cover the long-awaited Django 1.0. Published by Addison-Wesley and still in print!

Colophon

Built using Django, served with gunicorn and nginx. The database is SQLite. Hosted on a FreeBSD VPS at Johncompanies.com. Comment-spam protection by Akismet.

Pile o'Tags

Stuff I Use

bitbucket, Django, Emacs, FreeBSD, Git, jQuery, LaunchBar, Markdown, Mercurial, OS X, Python, Review Board, S3, SQLite, Sublime Text, Ubuntu Linux

Spam Report

At least 236428 pieces of comment spam killed since 2008, mostly via Akismet.

I'm not spamming you

Damned spammers. Looks like a big batch of drug-spam just went out with my personal email forged as the sender. The number of backscatter messages I've gotten today exceeds the number of spams that usually make it through to me in a week. Why? Because my anti-spam measures are mostly about blocking messages from "bad" mail servers, and backscatter comes from "good" mail servers.

I'm laying a lot of ironic emphasis on those quotes around "good" because I shouldn't be getting those backscatter messages at all. They piss me off -- at the spammers, of course, but also at the people who run the mail servers which are helpfully "returning" mail to me that I did not send. In a more idealistic time I might have suggested that they could have avoided this by using SPF (which is true), but this is an even more basic competence issue. To quote from the above linked page:

Bounces should ideally only be generated by a mail server to a local recipient. Mail servers should not generate bounces to non-local recipients, but should instead reject the mail during the SMTP session, and leave the remote sending server to handle the bounce...

I've set up a Postfix rule that is now catching a lot of these as they come in and rejecting them with a message to that effect -- not that it's likely many of those mail admins will ever notice.

I'm also grumpy because this type of event invetitably yields a few hate-filled messages from spam recipients who misguidedly think they are replying to the spammer, when they are in fact just unleashing their (merited) rage on a poor schmuck whose email address got forged.

That would be me.

Friday, June 29th, 2007
+

Comments are closed for this post. But I welcome questions/comments via email or Twitter.