<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: SMTP AUTH?


At 11:32 am +0200 8/9/98, Richard Kettlewell wrote:
>It doesn't scale.  Suppose you have two hosts running this code trying
>to talk to each other.  The first one sends a 421 response (or just
>blocks, for that matter) and contacts the second - which itself sends
>a 421 response (or just blocks) and contacts the first - and the loop
>starts over again.

Well, I was intending being a bit more reasonable, actually. A host only
gets added to the "forbidden" list if it definitely relays. Timeouts, etc,
would not affect this... and if I always get a 421, it could be for some
other reason.... or we could use a different code to indicate that this is
what is happening. (Like I said, 421 might not be right.)

>As you notice, it will also reject legitimate mail from hosts which
>happen to permit relaying.

Yes. This is a problem but for some, it might be acceptable.

>A friend of mine is currently testing some software which uses bait
>addresses to generate a blacklist and reject spam on that basis - the
>idea being that you widely publish the blacklist address so that it
>gets onto spammer's mailing lists, and then whenever you get mail to a
>recipient list that includes a bait address you know it's spam and can
>be rejected.  I'll post a reference to it here when he's a bit further
>on with the project.

My experience of gradually reducing the number of RCPT allowed has shown
that spammers are smart enough to now use relatively small lists, i.e. 5
recipients. Can you be sure that a mail would include the blacklist
address? Or are you saying that the host from which the blacklist address
originated would immediately be rejected?

Rgds,

John






<<< Chronological >>> Author    Subject <<< Threads >>>