Filters That Fight Back
Simon Huggins
huggie at earth.li
Wed Sep 3 12:02:24 CEST 2003
On Tue, Sep 02, 2003 at 03:31:08PM -0500, Bob Friesenhahn wrote:
> On Tue, 2 Sep 2003, Simon Huggins wrote:
> > I've not talked about stalling. Just bouncing at SMTP time i.e. sending
> > a 5xx response.
> This is only really effective when the other end is a traditional
> best-effort MTA. A specialized SPAM delivery program which delivers
> the mail directly can simply move on to the next address.
Which is fine - I don't have the spam any more so they can spam other
people :-)
I imagine specialised spam programs don't even listen to the code at the
end of DATA and don't retry sending mail either - certainly users of
SAUCE see huge reductions in spam when they 4xx all mail that comes from
an IP they don't know for x hours and then accept it (least I think
that's how it works - it might be all mail from an email address, I
forget).
One problem with this is that it implies you need the same filtering of
your mail that you have on your primary MX as you do on all other MXs.
i.e. if you run bogofilter and get it to reject mail at SMTP time on the
primary then you need the same setup on the secondary (if indeed you
have a secondary MX) otherwise the secondary will create these "fake"
bounces to people who didn't send the mail in the first place.
Simon.
--
'... visiting an e-commerce site where you can't actually buy anything is a
bit close to that old practical joke of ringing up bookshops and then, when
they say "Can I help you?", you reply "It's OK, thanks - I'm just
browsing..."' -- http://www.ntk.net/
More information about the Bogofilter
mailing list