[Mimedefang] New spam technique

Paul Murphy pmurphy at ionixpharma.com
Tue Jul 6 06:39:55 EDT 2004


David wrote:


> > One possible approach is to appear to accept all addresses, then
> > check the recipient address but take no action until the DATA phase
> > - at which point you can refuse the message with a 5xx error without
> > indicating whether the address exists or not.
> 
> That doesn't work if there is more than one recipient, some 
> valid and someinvalid.  At the end of DATA, you can only indicate success 
> or failure for the entire message and all recipients.

Bouncing the message for all recipients if one of the recipients is invalid
could be a valid approach, depending on the site policy.  Alternatively,
bouncing it if more than a small number (e.g. 2 or 3) are invalid would catch
dictionary attacks without unduly impacting on messages with a typo in
manually-added addresses.

Best Wishes,

Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA

Tel. 01223 433741
Fax. 01223 433788


_______________________________________________________________________
DISCLAIMER:
This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to which they
are addressed.  If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
_______________________________________________________________________ 



More information about the MIMEDefang mailing list