ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: SPF abused by spammers

2004-09-13 09:58:23
On Mon, Sep 13, 2004 at 05:48:34PM +0200, Peter J. Holzer wrote:
On 2004-09-13 17:14:37 +0200, Markus Stumpf wrote:
On Fri, Sep 10, 2004 at 07:44:11PM -0400, Seth Breidbart wrote:
The idea is that the spamtrap addresses will cause blacklisting before
the domain can green off the greylist.

At which point do greylist implementations make the entry for a triple?

How about a
   MAIL FROM
   RCPT TO
   RCPT TO
   RCPT TO
   RCPT TO
   RCPT TO
   [ ... ]
   RSET
and come back 30 minutes later.

Such a pattern could be a reason to blacklist the sender, too. 

If you are greylisting, it's that pattern that well behaved MTAs will use.

doubtful on the same connection, since I'd expect that to timeout.

so you'll use greylist behaviour to justify blacklist creation.

Ok... I won't send mail there.

-- 
 /  \__  | Richard Rognlie / Sendmail Ninja / Gamerz.NET Lackey
 \__/  \ | http://www.gamerz.net/~rrognlie    <rrognlie at gamerz.net>
 /  \__/ |      The early bird gets the worm
 \__/    |      But the second mouse gets the cheese


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg