North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: while i'm on the subject of filtering, here's today's list of spammers
> > I am confused, how would filtering at the smtp port on source address > work? What you do is return a 421 error if you don't "like" the source address (this is checked very early on). You can also return a 500-series error, but that generates an immediate bounce, which is "nice" to the spammer. I prefer to be nasty and eat their resources instead. > If delivery fails, does not the sender often use MX records and > send via an intermediary host? Not if you return a 400-series error. The host doing the sending will retry. If you block at the packet level, then yes, the sender will go to a secondary MX *IF* there is one and it can be reached. The 421 response is the best possible one, because it screws the sender, is cheap compute-wise for you, and has the desired effect without causing other disruption. > If so the source address is lost unless > all the MX hosts have the same filter list. And in any case I believe > that typically sendmail will accept email from anyone for delivery to > anyone. So a spammer could scatter his emails all over the Internet thru > thousands of intermediate hosts, if he used the right software to do it. > > Best Regards, > Robert Laughlin He has to be able to inject it in the first place. As more potential relays implement this, that becomes much harder. -- -- Karl Denninger ([email protected])| MCSNet - The Finest Internet Connectivity http://www.mcs.net/~karl | T1's from $600 monthly to FULL DS-3 Service | 99 Analog numbers, 77 ISDN, Web servers $75/mo Voice: [+1 312 803-MCS1 x219]| Email to "[email protected]" WWW: http://www.mcs.net/ Fax: [+1 312 803-4929] | 2 FULL DS-3 Internet links; 400Mbps B/W Internal - - - - - - - - - - - - - - - - -
|