Re: [Asrg] Re: bounces, and anit-spam principles

On 2007-01-23 00:25:02 -0600, David Nicol wrote:
> On 1/22/07, Dan Oetting <dan_oetting(_at_)qwest(_dot_)net> wrote:
> > That works if you don't mind taking the long route. I was thinking of
> > a more direct path of sending a specific response code in the SMTP
> > transaction. A really smart smarthost might be able to then fix the
> > problem before the site gets blacklisted.
> I for one caught that drift.  It wouldn't need to be its own ESMTP
> keyword, just some specific text following the 550 rejected on policy
> grounds.  Perhaps the word "spam."
>
> So, a conformant sending domain, on seeing a /^550 .+spam/i response, would
> do what exactly? Log the fact?  Page a sysadmin?
Temporarily block emails from this user and generate a bounce message
explaining the policy (it's your user and he has authenticated himself
with SMTP AUTH or an equivalent mechanism, so you know who he is).
You probably still want to accept mail from the user to your own support
mail address, and you probably also want to start with a short (maybe
only a few minutes) blocking time and increase that with every offense.
If the user mistakenly has sent a mail to a spamtrap he will probably be
clean again when he's finished writing his next mail and because of the
bounce message he knows that he shouldn't send to that address again. If
his machine is a zombie which uses his credentials he will have
increasing trouble sending mail until he cleans up his machine. 

Sounds like a nice scheme to me. Has anybody ever tried that?

        hp

-- 
   _  | Peter J. Holzer    | I know I'd be respectful of a pirate 
|_|_) | Sysadmin WSR       | with an emu on his shoulder.
| |   | hjp(_at_)hjp(_dot_)at         |
__/   | http://www.hjp.at/ |    -- Sam in "Freefall"

signature.asc
Description: Digital signature

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg