[Mimedefang] Powerful anti-spam rule that never discards vali d e-mail

Mycrom defang at mycrom.net
Wed Jan 15 10:12:01 EST 2003 

This all is a good idea but you guys need to change the thinking a little.
Issuing a 4XX to all messages will cause the message to be delayed in most
cases. The remote mta will take it and stick it into its little pocket until
next queue run. What you should do is a connection reset or just drop the
STMP session at some point. This is treated differently and should make most
normal MTA's just hop over to the next priority MX. This again would be
using the same principal that most spamming tools would just hiccup and not
act as a proper MTA.

Its early... Feel free to smack me if im just flat wrong.... <Grin>

-Matthew

----- Original Message -----
From: "local.mimedefang" <local.mimedefang at insignia.com>
To: <mimedefang at lists.roaringpenguin.com>
Sent: Wednesday, January 15, 2003 6:50 AM
Subject: Re: [Mimedefang] Powerful anti-spam rule that never discards vali d
e-mail


> On Tue, 14 Jan 2003 14:29:48 -0000, dmuell at gmx.net (Dirk Mueller)
> wrote:
>
> >On Die, 14 Jan 2003, local.mimedefang wrote:
> >
> >> Hmm. I'm wondering how effective it would be to set up a mail
> >> relay with a higher priority than the "real" ones which does nothing
> >> but tempfail *everything*. It shouldn't be too hard to write but
> >> I'm a bit loath to try it on a real domain, especially one which
> >> belongs to my employer!
> >
> >I don't think its that simple. I've noticed several times spam software
> >injecting mails in the "fallback" mail servers, without ever having tried
> >the regular mx point.
>
> OK well we have some old domains which are no longer used and which
> normally don't have MX records, but spammer's databases are full of
> addresses in those domains.
>
> So I put back two MX records, a priority 1 pointing at a test machine
> and a priority 5 pointing at one of our normal mail gateways.
>
> On the test machine I wrote a little SMTP server in Perl which goes
> as far as the DATA phase before giving a 452.
>
> I am getting *some* mail to the domain arriving at the lower priority
> gateway but only a small fraction of those which hit the test
> gateway. I haven't counted yet though so I can't tell you what the
> proportion is.
>
> I sent two mails from my home machine to an address in the test
> domain. Both were rejected by the test gateway and later arrived
> at the real gateway. But there did seem to be a delay, which is a
> bit worrying. More testing needed...
>
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>

More information about the MIMEDefang mailing list