Archive for January, 2007

What is open radio?

Friday, January 12th, 2007

Richard Poynder, Open Radio, Open and Shut, January 11, 2007.  Excerpt:

At the end of last year I received an email from a US community radio station called KRUU-FM, which is based in Fairfield, Iowa. While surfing the Web Sundar Raman, the host of a show called Open Views, had come across the interviews I have been doing with leaders of the various free and open movements, and he wanted to talk to me about them on air.

Sympathetic to the notion of community radio, and intrigued by the raison d’être of Open Views — to explore the open source and free culture movements around the world “stretching beyond the limits of software” — I agreed to do the interview, which was broadcast in December (and can be heard here). 

It was only after the interview was over, however, that I realised that KRUU is more than just a community radio station: it is also a grassroots initiative with a deep commitment to the principles advocated by the various free and open movements. Or as station manager James Moore more extensively described it during the inaugural Open Views programme, KRUU is “grassroots, community, public, non-profit, open radio.” …

source: What is open radio?

Review of three blogs on OA

Friday, January 12th, 2007

Andrea Marchitelli, Open access weblog, Biblioteche oggi, 24, 10 (2006) pp. 54-55.  In Italian but with this English-language abstract:

In this review the author examines three weblogs about open access, to demonstrate that it is possible to be so different talking about the same things.

The three blogs reviewed are DigitalKoans by Charles Bailey, Open Access Archivangelism by Stevan Harnad, and Open Access News by yours truly.

source: Review of three blogs on OA

Five Catalonian libraries join the Google Library project

Friday, January 12th, 2007

The National Library of Catalonia (Biblioteca de Catalunya) and four other Catalonian libraries have joined the Google Library project.  From Google’s announcement:

The mission of the Library of Catalonia is to collect, preserve, and spread Catalonian bibliographic production and that related to the Catalonian linguistic area, to look after its conservation, and to spread its bibliographic heritage while maintaining the status of a universal center for research and consultation.

This translation of the National Library of Catalonia’s mission statement makes it clear why the National Library of Barcelona, Catalonia’s largest library, and four affiliate Catalonian libraries have decided to join the Google Book Search Library Project. By digitizing these libraries’ out-of-copyright books, millions of people around the world will be able to trace Catalonian history and culture through centuries of text….

PS:  Google is expanding its coverage of libraries outside the English-speaking world, begun in September 2006 when Complutense University of Madrid joined the project.  And the National Library of Catalonia is expanding its commitment to free online content, begun in April 2006 when it signed the Berlin Declaration on Open Access.

source: Five Catalonian libraries join the Google Library project

EFF defending Wikis

Friday, January 12th, 2007

EFF’s Fred von Lohmann (the lawyer who won the Grokster case in the 9th Circuit) will be arguing EFF’s first Wiki case on Tuesday in New York. Details:

Tuesday, Jan 16 2007
2pm, federal district court, eastern district of ny (brooklyn)
225 Cadman Plaza East
Brooklyn, NY 11201

source: EFF defending Wikis

All the digitized books fit to print

Thursday, January 11th, 2007

Peter Brantley, Print on Demand and Digitization, Peter Brantley’s Thoughts and Speculations, January 11, 2007.  Excerpt:

…One of the reasons for the interest in print on demand among libraries is the possibility that they may soon have access to significant digital repositories.  The most prominent example, and one near and dear to my present heart at the University of California, is the potential digital largesse of works being made available via the Google Book Search Library partners program.  In the program, libraries get back a digital copy of their works scanned by Google.  Obviously, for works that are in copyright, there is a very limited number of things that libraries can do with these copies.  For public domain works, however, almost anything is fair game, including printing off your own copies.

One of the challenges of the Google Book Search program for libraries is that the quality of the images delivered to libraries is uneven, and certainly not archival.  Without belaboring the details, it is fair to say that Google’s effort is focussed on the indexing of the texts to power discovery, and a marred display image is an acceptable compromise to make in order to reach the magnitudes of digitization necessary to make the operation - an industrial one in scale - sustainable.   But  not-pretty images pose a problem for print on demand….

For these repositories to be acceptable, [John Mark Ockerbloom] points out that what we should do is to establish a clearing house or registry of these digitized works….

[I]f a faculty member requested a print of a book, a librarian could verify whether it met minimal standards and could give it a rough grade, certifying it to a certain level.  They wouldn’t try to correct or itemize the errors, but rather merely note this was a readable work, or readable but for the preface.  In such a fashion, particularly if universities could ever figure out how to work together to make a centralized repository of public domain works, one could know simply by looking up the work whether it was printable or not….

source: All the digitized books fit to print

PLoS at Net Tuesday San Francisco

Thursday, January 11th, 2007

Rich Cave and Barbara Cohen, The Public Library of Science: Open-Access Publishing and Advocacy, a slide presentation at Net Tuesday San Francisco, January 9, 2006.  The podcast will soon be available here.  (Thanks to NetSquared.)

source: PLoS at Net Tuesday San Francisco

The UN should support OA

Thursday, January 11th, 2007

Barbara Kirsop, Leslie Chan, Subbiah Arunachalam, Open access essential to improve information exchange, SciDev.Net, January 11, 2007.  A letter to the editor.  Excerpt:

We fully support Donat Agosti’s contention that open access is the only way for publicly-funded research to be shared not only between the North and South, but also between developing countries (see ‘Free access to research should not be limited’).

It is also our view that UN-supported projects like the Online Access to Research in the Environment, Health Internetwork Access to Research Initiative and Access to Global Online Research in Agriculture initiatives only provide ’sticking plaster’ solutions to information deprivation….

We do not understand why influential UN organisations such as the World Health Organization, the Food and Agriculture Organization and the UN Environment Programme — whose remits are to support international health, agriculture and environmental programmes — are not encouraging the open access movement. By concentrating on the above projects and working with commercial publishers, they hamper research into issues such as climate change, HIV/AIDS, malaria, tuberculosis and avian flu.

Meeting these challenges requires strategies to increase information exchange. Why, then, are these agencies solely supporting programmes that have limited global beneficiaries? For example, countries like India with low gross domestic products are barred from collaboration. These agencies should also be working to promote open access to all publicly funded research information….

UNESCO is the only UN agency that seems to have understood the importance of open access having endorsed its use in the draft programme and budget for 2006-2007. We urge other UN agencies and key funding bodies around the world to follow suit.

source: The UN should support OA

The path from here to there

Thursday, January 11th, 2007

Stevan Harnad, The Green Road to Open Access: A Leveraged Transition, a Technical Report for the Department of Electronics and Computer Science, Southampton University, self-archived January 10, 2007.

Abstract:   What the research community needs, urgently, is free online access (Open Access, OA) to its own peer-reviewed research output. Researchers can provide that in two ways: by publishing their articles in OA journals (Gold OA) or by continuing to publish in non-OA journals and self-archiving their final peer-reviewed drafts in their own OA Institutional Repositories (Green OA). OA self-archiving, once it is mandated by research institutions and funders, can reliably generate 100% Green OA. Gold OA requires journals to convert to OA publishing (which is not in the hands of the research community) and it also requires the funds to cover the Gold OA publication costs. With 100% Green OA, the research community’s access and impact problems are already solved. If and when 100% Green OA should cause significant cancellation pressure (no one knows whether or when that will happen, because OA Green grows anarchically, article by article, not journal by journal) then the cancellation pressure will cause cost-cutting, downsizing and eventually a leveraged transition to OA (Gold) publishing on the part of journals. As subscription revenues shrink, institutional windfall savings from cancellations grow. If and when journal subscriptions become unsustainable, per-article publishing costs will be low enough, and institutional savings will be high enough to cover them, because publishing will have downsized to just peer-review service provision alone, offloading text-generation onto authors and access-provision and archiving onto the global network of OA Institutional Repositories. Green OA will have leveraged a transition to Gold OA. 

source: The path from here to there

First prize to PLoS

Thursday, January 11th, 2007

Christine Gorman, Name That Life Saver! Time Magazine, January 8, 2007.  Excerpt:

Forget Myspace. You should see what the Web 2.0 revolution is doing to medical journals. There’s a contest to name the most important medical advance since 1840 over at the venerable British Medical Journal. (Results to be posted on Jan. 18) …

But first prize still has to go to the Public Library of Science journals…, which jumped on the open-access research bandwagon early, and has been shaking up the paid-subscription journals ever since. No special licenses are required for doctors in poor countries to read high-quality PloS articles in full. As long as readers have internet access, the articles are free.

PloS.org’s latest offering: PloS One, where research articles from a wide variety of disciplines undergo minimal pre-publication review. The heavy lifting comes from what the editors call “community peer review,” which is done completely transparently through reader annotations on the web….

PS:  Is this first prize as a life saver or first prize as an example of Web 2.0?  Both? 

Note to Gorman:  While there were OA journals before PLoS, it’s more true to say that PLoS helped create the bandwagon than jumped on it.

source: First prize to PLoS

Pros and cons of online networks

Thursday, January 11th, 2007

Via recruiting expert Shally Steckerl, the pros and cons of sites like LinkedIn, Spoke, and Plaxo.

This post was written by David Teten, source: Pros and cons of online networks

Debunking the “cocaine on 100% of Irish banknotes” story

Thursday, January 11th, 2007


BBC: Cocaine on ‘100% of Irish euros’:

One hundred percent of banknotes in the Republic of Ireland carry traces of
cocaine, a new study has found.

Researchers used the latest forensic techniques that would detect even the
tiniest fragments to study a batch of 45 used banknotes.

The scientists at Dublin’s City University said they were “surprised by their
findings”.

Also at RTE, Irish Examiner, PhysOrg.com, Bloomberg.com,
even at Kazakhstan’s KazInform.

This story is (of course) being played widely in the media as “OMG Ireland must
use more coke than anywhere else” — in particular, in comparison
with a previous study in the US:

The most recent survey carried out in the US showed 65% of dollar notes were
contaminated with cocaine.

The DCU press-release
has a few more details:

Using a technique involving chromatography/mass spectrometry, a sample of 45
bank notes were analysed to show the level of contamination by cocaine. …

62% of notes were contaminated with levels of cocaine at concentrations
greater than 2 nanograms/note, with 5% of the notes showing levels greater
than 100 times higher, indicating suspected direct use of the note in either
drug dealing or drug inhalation. … The remainder of the notes which showed
only ultra-trace quantities of cocaine was most probably the result of
contact with other contaminated notes, which could have occurred within bank
counting machines or from other contaminated surfaces.

However, looking at an abstract of what I think is the paper in question,
Evaluation of monolithic and sub 2 µm particle packed columns for the rapid
screening for illicit drugs — application to the determination of drug
contamination on Irish euro banknotes,
Jonathan Bones, Mirek Macka and Brett Paull, Analyst, 2007, DOI:
10.1039/b615669j, that says:

A study comparing recently available 100 × 3 mm id, 200 × 3 mm id monolithic
reversed-phase columns with a 50 × 2.1 mm id, 1.8 µm particle packed
reversed-phase columns was carried out to determine the most efficient
approach … for the rapid screening of samples for 16 illicit drugs and
associated metabolites. … Method performance data showed that the new
LC-MS/MS method was significantly more sensitive than previous GC-MS/MS
based methods for this application.

My emphasis. I’d guess that that means that comparing this result to
banknote-analysis experiments carried out elsewhere using different methods is
probably invalid — perhaps this method is more efficient at picking up
‘contact with other contaminated notes, which could have occurred within bank
counting machines or from other contaminated surfaces’, as noted in the DCU
release?

This post was written by Justin, source: Debunking the “cocaine on 100% of Irish banknotes” story

December issue of Access

Wednesday, January 10th, 2007

The December 2006 issue of Access is now online.  This issue has articles on OARE, OpenDOAR, Google Scholar, the Asean Library, the British Academy report on copyright barriers to social science and humanities research, and the Publishing Research Consortium study on journal cancellations. 

source: December issue of Access

How medical journals are using the web

Wednesday, January 10th, 2007

David L. Schriger, Sripha Ouk, and Douglas G. Altman, The Use of the World Wide Web by Medical Journals in 2003 and 2005: An Observational Study, Pediatrics, January 2007.  (Thanks to ResourceShelf.)  Abstract:

Objectives. The 2- to 6-page print journal article has been the standard for 200 years, yet this format severely limits the amount of detailed information that can be conveyed. The World Wide Web provides a low-cost option for posting extended text and supplementary information. It also can enhance the experience of journal editors, reviewers, readers, and authors through added functionality (eg, online submission and peer review, postpublication critique, and e-mail notification of table of contents.) Our aim was to characterize ways that journals were using the World Wide Web in 2005 and note changes since 2003.

Methods. We analyzed the Web sites of 138 high-impact print journals in 3 ways. First, we compared the print and Web versions of March 2003 and 2005 issues of 28 journals (20 of which were randomly selected from the 138) to determine how often articles were published Web only and how often print articles were augmented by Web-only supplements. Second, we examined what functions were offered by each journal Web site. Third, for journals that offered Web pages for reader commentary about each article, we analyzed the number of comments and characterized these comments.

Results. Fifty-six articles (7%) in 5 journals were Web only. Thirteen of the 28 journals had no supplementary online content. By 2005, several journals were including Web-only supplements in >20% of their papers. Supplementary methods, tables, and figures predominated. The use of supplementary material increased by 5% from 2% to 7% in the 20-journal random sample from 2003 to 2005. Web sites had similar functionality with an emphasis on linking each article to related material and e-mailing readers about activity related to each article. There was little evidence of journals using the Web to provide readers an interactive experience with the data or with each other. Seventeen of the 138 journals offered rapid-response pages. Only 18% of eligible articles had any comments after 5 months.

Conclusions. Journal Web sites offer similar functionality. The use of online-only articles and online-only supplements is increasing.

From the body of the paper:

The Web-only model of journal publication eliminates printing costs, and this savings has made open access journals (the authors pay for the peer review services, and the article is available free to all with Web access) financially possible.  The growth of Web-only journals from Biomed Central (now >140 journals) and Public Library of Science (6 journals) is clear evidence that the WWW is changing scientific publication….

It could be argued that the only thing keeping print versions of full-length articles extant is the pharmaceutical industry’s willingness to purchase print advertisements and the journals’ need to put something between these ads….

In 2005, 57% of journals posted articles to their Web site before their appearance in print, and 12% of journals offered readers a forum for responding to each article. We were surprised that more readers did not take advantage of the postpublication review feature; 82% of such pages had no entries. Is this because readers do not read the articles, do not have anything to say, or are not interested in participating in such a forum? In the face of such low participation rates, how do we explain that the British Medical Journal averaged 6 postings per article on the 80% of articles that had postings? Perhaps it is because all of the British Medical Journal content was free to all at the time of this study or that the British Medical Journal has had a stronger Web presence for a longer period of time than many other journals and has cultivated a group of users who are comfortable using the WWW in this way….

source: How medical journals are using the web

Participate in the NSDL

Wednesday, January 10th, 2007

The US National Science Digital Library (NSDL) has issued a general call to participate in NSDL.  Excerpt:

NSDL encourages contributions of educational resources from NSF grant awardees, library users, community members, resource developers, content providers, educators, learners of all ages, and other collection builders. Contributions can range from individual lesson plans or websites to collections of thousands of items, to technology-based tools and services that aid educational applications of digital resources. This enlarges and strengthens the library and encourages reuse and sharing of materials….

NSDL provides access to web-based educational resources, data sets, pedagogic materials or assessments, research materials, images, graphics, photos, simulations, games, activities, curriculums, visualizations, lesson plans, collections, reports, journal articles, etc….

source: Participate in the NSDL

JISC will fund a survey of different forms of research output

Wednesday, January 10th, 2007

JISC is soliciting proposals to create a survey of “different forms of research output” used by researchers.  From the invitation to tender:

1. This Invitation To Tender invites proposals to undertake, on behalf of the Joint Information Systems Committee (JISC), a survey on the use by researchers and teachers of different forms of scholarly output.

2. Funding of £15,000 is available for this work (including VAT and related travel and subsistence).

3. The deadline for proposals is 13:00 hours on Wednesday 7th February 2007….

5. A key performance indicator in JISC’s Strategy and Operational Plan is to develop an overview of the barriers to effective scholarly communication and the emerging behaviours and different activities being funded worldwide to improve the position….

8. The use of different forms of scholarly output opens issues of means of access and of rights of access for researchers and for teachers. The use of images is governed by a different IPR regime to that for the use of research articles. An individual book chapter may be more difficult for students to trace and access than a journal article. Data sets related to research articles may require the user to have access to substantial computing facilities….

source: JISC will fund a survey of different forms of research output

EURAB recommends an EU-wide OA mandate

Wednesday, January 10th, 2007

The European Research Advisory Board (EURAB) recommends an OA mandate for EU-funded research.  Here’s today’s press release in its entirety:

The European Commission should consider mandating all researchers funded under the Seventh Framework Programme (FP7) to publish the results of their research in an open access repository within six months of initial publication, according to the European Research Advisory Board (EURAB).

While some concerns over open access are justified, such as the quality of the peer review process, preserving long term access, and the viability of smaller circulation publications, the overwhelming benefits far outweigh these concerns, states a new report by EURAB.

The open access debate has been triggered by the rapid and radical change in science communication brought about by the rise of the internet. There is also a desire to disseminate more widely the results of publicly funded research in order to raise awareness of the benefits of investing in science, and at the same time to bring down the costs of research for public authorities. Public funding bodies are currently paying three times for research, according to EURAB. First they pay for the research itself, then for peer review, and finally for a library subscription to the journal in which the resulting paper is published. Additional author-side fees levied by traditional toll-access journals may be considered a fourth cost.

The Commission has three roles to play in drafting and implementing a policy on open access, says EURAB: as a funding body, a policy body, and a supporting body.

As a funding body, the Commission seek to increase the visibility of, and improve access to, research funded by the Commission without compromising the freedom of scientists to publish where they feel is most appropriate.

A key recommendation is that the Commission considers instructing those receiving FP7 funding to lodge any publications resulting from their research in an open access repository as soon as possible after publication. The paper should be made openly accessible within six months.

EURAB says that the repository could be a local institution or dedicated to a specific subject. Deposit should be made once a journal or conference has accepted it for publication, and the repository should release the metadata immediately, with access restrictions to the full text article to be applied as required. Open access should then be implemented as soon as practicable after the author-requested embargo, or within six months, whichever comes first.

EURAB suggests that the Commission begins the roll out of such a complex policy issue with research funded by the European Research Council (ERC), which came into being with the launch of FP7.

As a supporting body, the Commission should place emphasis on streamlining the process of deposit for researchers, and on standards for supporting interoperability. In this context, the Commission should introduce a specific supporting action in every FP7 thematic priority to facilitate the use of deposit in open access repositories, states the EURAB report.

The Commission’s role as a policy body should be to encourage all Member States to promote open access publication policies for all of their publicly funded research.

A communication on scientific publishing is expected shortly from the European Commission.

To read the EURAB paper in full [December 2006], please click here.

Comments.

  1. This is excellent news for many reasons.  First, the policy would apply across Europe, not just within a single country or institution.  Second, it encourages member states to adopt their own OA policies to buttress this EU-wide policy.  Third, EURAB is an independent agency created by the EU to make recommendations on research-policy questions of exactly this kind.  This report should carry weight. 
  2. Fourth, the policy it recommends is superb.  It’s a mandate, not mere encouragement.  It gives authors a choice of repositories for deposit.  It caps the permissible embargo at six months.  It recommends deposit of the published version, if possible, and the final version of the peer-reviewed manuscript otherwise.  It uses what I call the dual deposit/release strategy or what Stevan Harnad calls the immediate deposit / optional access strategy (except that here, flipping the switch on the deposited article from closed to open is delayed but mandatory, not optional).  There’s no hint of compromise based on misunderstandings about copyright.
  3. The only part of the EURAB recommendation not summarized in the press release is this:  “FP7 should include an action to invite proposals for an enhanced ranking of journals which includes not only traditional indicators of impact but also open access policies.”
  4. Just one caveat:  The authors write that “some concerns over open access are justified, such as the quality of the peer review process….”  However the full report does not elaborate or justify this claim.  For a rebuttal, see my article, Open access and quality (October 2006). 

source: EURAB recommends an EU-wide OA mandate

Portuguese university rectors sign Berlin Declaration

Wednesday, January 10th, 2007

The Portuguese Conference of University Rectors has signed the Berlin Declaration on Open Access to Knowledge.

PS: Also see its November 2006 statement on Open access to scientific publications.

source: Portuguese university rectors sign Berlin Declaration

"Funding pressure changes everything."

Wednesday, January 10th, 2007

Cory Doctorow, The Foundations of Open Access, Free Culture @ NYU, January 9, 2007.  Excerpt:

So, this weekend is the Open Access summit and I wanted to share some thoughts on how to help bring this on a widespread basis.

Closely tied to open access is encouraging funding organizations to include language in their grant proposals which promotes open access, for code and content. This is in the foundation’s best interest - call it “philanthropic ROI”.

On the educational institution’s side of the fence, funding pressure could really tip the scale in favor of opening their work….Funding pressure changes everything….

Already, the Hewlett Foundation is moving in this direction, but if/when others follow it could be a very decisive force in the campaign for Open Access.

The Hewlett Foundation’s Education Division provides grants in the area of Open Educational Resources, and all grant applications have to describe their approaches to intellectual property in the terms below (these are copied directly from the grant application).

There’s more at Open Educational Resources.

…If you are developing content or producing articles, reports, white papers, or other written materials, please identify which of the Creative Commons licenses you will use to license the content….

If you are developing software, please identify which of the Open Source Initiative-approved licenses you will use to license the software….

If your work involves the creation of data sets, please see [the Science Commons FAQ on database licensing] and be prepared to discuss the open license plans with program staff.”

So, one way to put pressure on folks is to convince more funding agencies to begin stipulating for Open Access….

source: "Funding pressure changes everything."

Email authentication is not anti-spam

Wednesday, January 10th, 2007

There’s a common misconception about spam, email, and email authentication;
Matt Cutts has been the most recent promulgator, asking ‘Where’s my authenticated email?’,
in which various members of the comment thread consider this as an anti-spam
question.

Here’s the thing — email these days is authenticated. If you send a mail
from GMail, it’ll be authenticated using both SPF and DomainKeys. However,
this alone will not help in the fight against spam.

Put simply — knowing that a mail was sent by ‘jm3485 at massiveisp.net’, is
not much better than knowing that it was sent by IP address 192.122.3.45,
unless you know that you can trust ‘jm3485 at massiveisp.net’, too. Spammers
can (and do) authenticate themselves.

Authentication is just a step along the road to reputation and accreditation, as Eric Allman notes:

Reputation is a critical part of an overall anti-spam, anti-phishing system
but is intentionally outside the purview of the DKIM base specification
because how you do reputation is fundamentally orthogonal to how you do
authentication.

Conceptually, once you have established an identity of an accountable entity
associated with a message you can start to apply a new class of
identity-based algorithms, notably reputation. … In the longer term
reputation is likely to be based on community collaboration or third party
accreditation.

As he says, in the long term, several vendors (such as Return Path and Habeas)
are planning to act as accreditation bureaus and reputation databases,
undoubtedly using these standards as a basis. Doubtless Spamhaus have similar plans, although they’ve not mentioned it.

But there’s no need to wait — in the short term, users of SpamAssassin and
similar anti-spam systems can run their own personal accreditation list, by
whitelisting frequent correspondents based on their DK/DKIM/SPF records,
using whitelist_from_spf, whitelist_from_dkim, and whitelist_from_dk.

Hopefully more ISPs and companies will deploy outbound SPF, DK and DKIM as time
goes on, making this easier. All three technologies are useful for this
purpose (although I prefer DKIM, if pushed to it ;).

It’s worth noting that the upcoming SpamAssassin 3.2.0 can be set up to run
these checks upfront, “short-circuiting” mail from known-good sources with valid
SPF/DK/DKIM records, so that it isn’t put through the lengthy scanning process.

That’s not to say Matt doesn’t have a point, though. There are questions about
deployment — why can’t I already run “apt-get install
postfix-dkim-outbound-signer” to get all my outbound mail transparently signed
using DKIM signatures? Why isn’t DKIM signing commonplace by now?

This post was written by Justin, source: Email authentication is not anti-spam
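
The distinction drawn in the post above, between a message being authenticated and its sender being trusted, as an added example that is not part of the original post and is not SpamAssassin's implementation. The `Verified` type, the allowlist entries and the routing labels are hypothetical; the verifier that fills in the SPF/DKIM results is assumed to run upstream.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Verified:
    """What an upstream SPF/DKIM verifier reported for one message (hypothetical type)."""
    header_from: str           # address in the From: header
    envelope_from: str         # SMTP MAIL FROM address
    dkim_domains: tuple = ()   # signing domains (d=) whose signatures verified
    spf_pass: bool = False     # SPF passed for the envelope sender's domain


# Personal accreditation list, constructed for this example.
# DKIM entries pair a From: glob with the domain that must have signed.
DKIM_ALLOW = [("alice@friend.example", "friend.example"),
              ("*@bank.example", "bank.example")]
# SPF entries are globs over the envelope sender.
SPF_ALLOW = ["*@lists.example"]


def is_authenticated(v: Verified) -> bool:
    """True when some identity was proven; says nothing about whether to trust it."""
    return v.spf_pass or bool(v.dkim_domains)


def is_accredited(v: Verified) -> bool:
    """True only when a proven identity is also on the personal list."""
    sender = v.header_from.lower()
    for glob, signer in DKIM_ALLOW:
        # The From: address must match AND the listed domain must have signed.
        if fnmatchcase(sender, glob) and signer in v.dkim_domains:
            return True
    envelope = v.envelope_from.lower()
    return v.spf_pass and any(fnmatchcase(envelope, g) for g in SPF_ALLOW)


def route(v: Verified) -> str:
    """Skip content scanning for accredited senders, scan everything else."""
    return "short-circuit" if is_accredited(v) else "full-scan"


# Constructed sample messages.
SAMPLES = {
    "known correspondent, valid signature": Verified(
        "alice@friend.example", "alice@friend.example", ("friend.example",), True),
    "authenticated stranger": Verified(
        "jm3485@massiveisp.net", "jm3485@massiveisp.net", ("massiveisp.net",), True),
    "forged From, nothing verified": Verified(
        "alice@friend.example", "x@spammer.example", (), False),
    "forged From, signed by another domain": Verified(
        "alice@friend.example", "x@spammer.example", ("spammer.example",), True),
    "mailing list accredited via SPF": Verified(
        "bob@elsewhere.example", "bounces@lists.example", (), True),
}

if __name__ == "__main__":
    for label, v in SAMPLES.items():
        print(f"{label:40} authenticated={is_authenticated(v)!s:5} -> {route(v)}")
```
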

How to deal with joe-jobs and massive bounce storms

Wednesday, January 10th, 2007

As I’ve noted before, we
still have a major problem with sites generating bounce/backscatter storms in
response to forged mail — spam, viruses, and so on. These sites have a broken
mail configuration, but there are still thousands out there — it’s very hard
to fix an old mail setup to avoid this issue. As a result, a single spam
run can concentrate the volume of response bounces in a Smurf-attack-style volume
multiplication, and this acts as a serious denial of service; I’ve
regularly had serious load problems and backlogs on my MX, due solely to
these bounces.

However, I think I’ve now solved it, with only a little loss of functionality.
Here’s how I did it, using Postfix and SpamAssassin.

Firstly, note that if you adopt this, you will lose functionality.
Third party sites will not be able to generate bounces which are sent
back to senders via your MX — except during the SMTP transaction.

However, if a message delivery attempt is run from your MX, and it is bounced
by the host during that SMTP transaction, this bounce message will still be
preserved. This is good, since this is basically the only bounce scenario that
can be recommended, or expected to work, in modern SMTP.

Also, a small subset of third-party bounce messages will still get past, and be
delivered — the ones that are not in the RFC-3464 bounce format generated
by modern MTAs, but that include your outbound relays in the quoted header.
The idea here is that “good bounces”, such as messages from mailing lists
warning that your mails were moderated, will still be safe.

OK, the details:

In Postfix

Ideally, we could do this entirely outside Postfix — but in my experience,
the volume (amplified by the Smurf attack effects) is such that these
need to be rejected as soon as possible, during the SMTP transaction.

In my Postfix configuration, on the machine that acts as MX for my domains –
edit ‘/etc/postfix/header_checks’ and add these lines:

/^Return-Path: <>/                              REJECT no third-party DSNs
/^From:.*MAILER-DAEMON/                         REJECT no third-party DSNs
/^Content-Type: multipart\/report; /            REJECT no third-party DSNs
/^Content-Type: message\/delivery-status; /     REJECT no third-party DSNs

Edit ‘/etc/postfix/main.cf’, and ensure it contains this line:

header_checks = regexp:/etc/postfix/header_checks

Now restart Postfix.

In SpamAssassin

Install the Virus-bounce ruleset. This will catch challenge-response mails, “out of
office” noise, “virus scanner detected blah” crap, and bounce mails generated
by really broken groupware MTAs — the stuff that gets past the Postfix
front-line.

Once you’ve done these two things, that deals with almost all the forged-bounce
load, at what I think is a reasonable cost. Comments welcome…

This post was written by Justin, source: How to deal with joe-jobs and massive bounce storms
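
A way to see what the four header_checks patterns in the post above accept and reject before deploying them, as an added example that is not part of the original post. It assumes Python's `re` module as a stand-in for Postfix's regexp table, matched case-insensitively as Postfix regexp tables are by default, and unfolded (single-line) headers; the sample messages and host names are constructed.

```python
import re
from email import message_from_string

# The four patterns from the post's /etc/postfix/header_checks, in file order.
HEADER_CHECKS = [
    (r"^Return-Path: <>", "REJECT no third-party DSNs"),
    (r"^From:.*MAILER-DAEMON", "REJECT no third-party DSNs"),
    (r"^Content-Type: multipart\/report; ", "REJECT no third-party DSNs"),
    (r"^Content-Type: message\/delivery-status; ", "REJECT no third-party DSNs"),
]
RULES = [(re.compile(p, re.IGNORECASE), action) for p, action in HEADER_CHECKS]


def check_headers(raw_message):
    """Return (action, matching_header) for the first rule hit, or ("OK", None)."""
    msg = message_from_string(raw_message)
    for name, value in msg.items():          # headers in message order
        line = f"{name}: {value}"
        for pattern, action in RULES:        # rules in table order, first match wins
            if pattern.search(line):
                return action, line
    return "OK", None


# Constructed sample messages (headers only matter here).
SAMPLES = {
    # Backscatter from a forged spam run: standard DSN from MAILER-DAEMON.
    "backscatter DSN": (
        "From: MAILER-DAEMON@mx.thirdparty.example\n"
        "To: me@example.org\n"
        "Subject: Undelivered Mail Returned to Sender\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\nbody\n"
    ),
    # A delayed DSN for mail you really sent is rejected as well: this is the
    # loss of functionality the post accepts.
    "genuine delayed DSN": (
        "From: postmaster@mx.partner.example\n"
        "To: me@example.org\n"
        "Subject: Delivery Status Notification (Failure)\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b2"\n'
        "\nbody\n"
    ),
    # Different capitalisation is still caught by case-insensitive matching.
    "lower-case mailer-daemon": (
        "From: Mail Delivery Subsystem <mailer-daemon@mx.old.example>\n"
        "To: me@example.org\n"
        "Subject: Returned mail: see transcript for details\n"
        "Content-Type: text/plain; charset=us-ascii\n"
        "\nbody\n"
    ),
    # A 'good bounce': plain-text moderation notice from a mailing list.
    "list moderation notice": (
        "From: dev-owner@lists.example\n"
        "To: me@example.org\n"
        "Subject: Your message to dev awaits moderator approval\n"
        "Content-Type: text/plain; charset=us-ascii\n"
        "\nbody\n"
    ),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        action, header = check_headers(raw)
        print(f"{label:26} {action:28} {header or ''}")
```

On a host with Postfix installed, `postmap -q "<header line>" regexp:/etc/postfix/header_checks` performs the same lookup against the real table.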