[Mimedefang] What to do w/ SPAM?
David F. Skoll
dfs at roaringpenguin.com
Sun Sep 22 22:57:01 EDT 2002
On Sun, 22 Sep 2002, Jeff Grossman wrote:
> But, you would be bouncing the message at the SMTP transaction level, so
> you never actually receive it. The sending server will have to deal
> with the bounce, not you.
That's true, mostly. The only exception is if the spammer sends spam
thus:
MAIL FROM:<nosuchperson at yourdomain.com>
RCPT TO:<victim at yourdomain.com>
Then, action_bounce() would cause the sending relay to bounce an error
to your server. However, this is pretty rare, and action_bouncing spam
is a good way to handle it.
I use CanIt (of course!) which I have set up to:
- Bounce anything scoring over 20
- Tempfail anything scoring between 5-20 until I can approve it, at which
point it either gets accepted or action_bounced().
- Tempfail unconditionally from a bunch of popular free e-mail
services until I approve the mail. This has blocked spam which would
otherwise have snuck past SpamAssassin. I do not think this endears me
to the folks who run the free e-mail services...
I also use the HELO trick raised by Jim McCullars in posting
http://lists.roaringpenguin.com/pipermail/mimedefang/2002-August/001949.html
I find it catches 4-5 spammers per week.
--
David.
More information about the MIMEDefang
mailing list