David Nicol wrote:
On Sun, Aug 3, 2008 at 2:57 AM, Alessandro Vesely <vesely(_at_)tana(_dot_)it>
What about http://www.spamcannibal.org/?
spamcannibal appears to be a DNSBL that works in concert with a
tarpitting firewall modification. That's nifty, and tarpitting the
connections to the concept under discussion here (which desperately
needs its own thread, as it is a complete departure from assertions),
The (admittedly loose) connection is that I'd rather tarpit any
connection to mx.nomail.org (or a semantically equivalent mx denial)
than efficiently deliver 552 errors.
which could be called mx.nomail.org (nomail.org appears to be
registered by a Czech name reselling service from their whois record,
FWTW) would probably be a good thing. Response time is not that
important; the idea is to draw email connection attempts away when you
don't receive any. Deferring that 550 until the end of the data,
tarpitting and discarding the whole time, could be more effective.
One obvious question is about the status of tarpitting w.r.t. RFCs 793
or 1122, that SMTP relies upon. Is it a recommended action against
spammers?
And what about filtering blacklisted IPs at the firewall level, i.e.
blocking (reject, drop, or tarpit) their syn requests? Is it better
than letting spammers consume our mailer daemon resources?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg