This approach certainly isn't perfect. But simply opening a connection to
the sending host and checking RCPT TO:
<somewhere(_at_)your_own_domain(_dot_)whatever>,
looking for a 250 OK message before rejecting, then failing safe (i.e.
accepting anything where you can't connect to the host) might tend to slow
down a large hunk of spam.
-----Original Message-----
From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
Sent: Monday, January 22, 2001 3:56 PM
To: Gwinn, Allen
Cc: 'James M Galvin'; Jacob Palme; ietf-822(_at_)imc(_dot_)org
Subject: Re: Statistics of "intelligence" in e-mail spams
One approach that I've thought casually revolves around a feature in
Sendmail that would open an SMTP connection back to the sending host
(assuming the sender had smtp services) and test it for relaying mail back
to you. You could then accept or reject mail from that host based on the
finding.
won't work. lots of sites have separate outgoing and incoming MTAs, and
nothing says that a 'sending host' even has to listen for inbound SMTP
connections.
admittedly, lots of other ideas for filtering spam - some that people
actually implement, like filtering out source addresses that correspond
to dialup lines - are no better.
Keith