SPAM (on list) was:Re: classiccmp list (sort of) help requested

Mike Loewen mloewen at cpumagic.scol.pa.us
Fri Dec 15 09:40:07 CST 2006


> It was noted in one of the trade publications I looked at that a very
> effective check on SPAM was to confirm that the stream opened up to
> you (on your port 25) actually did a "conversation" with the remote
> player.

    Something I've been experimenting with on one of my SMTP servers is 
"greylisting", as implemented in a sendmail milter:

http://hcpnet.free.fr/milter-greylist/

    On my system, it blocks over 95% of SPAM delivery attempts.  Most of 
the SPAMbots I've seen attempting to deliver a message don't wait around 
for a reply and simply disconnect when they get the temporary reject code. 
Those that do often attempt to deliver the next message with a different 
"from" address, which starts a new delay timer.  I've also enabled it's 
DNSRBL feature, with the SORBS list.  Anything that is listed in SORBS 
gets a longer delay.  I can't say how well it scales on a busy system, but 
it's a valid concept.

    I passed this on to Jay in a private message.


Mike Loewen				mloewen at cpumagic.scol.pa.us
Old Technology	http://ripsaw.cac.psu.edu/~mloewen/Oldtech/



More information about the cctalk mailing list