15 Dec
2006
15 Dec
'06
7:40 a.m.
It was noted in one of the trade publications I looked
at that a very
effective check on SPAM was to confirm that the stream opened up to
you (on your port 25) actually did a "conversation" with the remote
player.
Something I've been experimenting with on one of my SMTP servers is
"greylisting", as implemented in a sendmail milter:
http://hcpnet.free.fr/milter-greylist/
On my system, it blocks over 95% of SPAM delivery attempts. Most of
the SPAMbots I've seen attempting to deliver a message don't wait around
for a reply and simply disconnect when they get the temporary reject code.
Those that do often attempt to deliver the next message with a different
"from" address, which starts a new delay timer. I've also enabled it's
DNSRBL feature, with the SORBS list. Anything that is listed in SORBS
gets a longer delay. I can't say how well it scales on a busy system, but
it's a valid concept.
I passed this on to Jay in a private message.
Mike Loewen mloewen at cpumagic.scol.pa.us
Old Technology http://ripsaw.cac.psu.edu/~mloewen/Oldtech/