On Sun, 2004-12-05 at 18:21 -0500, Alan DeKok wrote:
David Woodhouse <dwmw2(_at_)infradead(_dot_)org> wrote:
Generally, what isn't delivered should be rejected by the first
recipient it's offered to. It never leaves the spammer's machine and
there's no bounce.
As has been pointed out repeatedly, this won't work in the existing
SMTP system, due to certain design and implementation decisions.
Whether this means the current design is incorrect, or your idea is
incorrect is an argument which will never end.
There's no problem with the current design. In general it's not hard.
Either the spammer is sending mail via the ISP of the zombie machine,
which ought to be doing some kind of check on outgoing mail from their
customers, or often they try to connect directly to an MX host of the
domain to which they're trying to send, which ought to reject anything
the primary MX would reject.
This is why you should always have MX backups which are capable of
rejecting mail to unknown users at the domain, for example.
Ideally, yes. This can be difficult to do in practice.
Anything _can_ be difficult to do in practice, if you make enough stupid
decisions along the way. Setting up an MX backup competently can be
_trivial_ to do in practice too.
--
dwmw2