<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: SMTP AUTH?


John Martin writes:

> Well, I was intending being a bit more reasonable, actually. A host
> only gets added to the "forbidden" list if it definitely relays.
> Timeouts, etc, would not affect this...  and if I always get a 421,
> it could be for some other reason.... or we could use a different
> code to indicate that this is what is happening. (Like I said, 421
> might not be right.)

Yes, using a specific 4xx code would be a better idea - provided
everyone chooses the same one!

>> As you notice, it will also reject legitimate mail from hosts which
>> happen to permit relaying.
> 
> Yes. This is a problem but for some, it might be acceptable.

Also it won't stop you receiving spam from hosts which don't relay - I
get quite a bit direct from dialups without any relay-rape involved
(three this morning alone); such hosts need not even run an SMTP
listener.

Obviously doing this is more effort for the spammer, but apparently at
least some of them are convinced it's worthwhile.

> My experience of gradually reducing the number of RCPT allowed has
> shown that spammers are smart enough to now use relatively small
> lists, i.e. 5 recipients.

That's interesting...

> Can you be sure that a mail would include the blacklist address? Or
> are you saying that the host from which the blacklist address
> originated would immediately be rejected?

One possible way round this would be to have many more bait addresses
than real addresses - then the majority of SMTP sessions attempting to
deliver spam would include a bait address.

You could certainly reject all mail from the host that was sending
spam; this would have the advantage of only refusing mail from hosts
that were actively involved in spamming.  It'll be interesting to see
how it works in practice, anyway.

ttfn/rjk




<<< Chronological >>> Author    Subject <<< Threads >>>