[Top] [All Lists]

Re: deferred RCPT responses

2004-03-28 11:24:36

It seems you want LMTP, at least its RCPT replies after the final dot.
Someone should specify this as an ESMTP extension...

An SMTP extension would simply not be used by spammers.

Right. In the past I've considered an extension to provide LMTP functionality
in SMTP, but the benefits never seem to outweigh the costs.

You can, however, only allow one recipient at one time (and temporarily
reject all subsequent RCPTs) when the extension is not in use.

Yep. We've offered this option (actually settable as to how many RCPT TOs are
allowed before it kicks in) for several years now. And I'm pretty sure we're
not alone in offering it, since some spammers seem to have caught on and now do
a RSET to start a new transaction when they get a 4yz code. This means you also
need a configurable limit on the number of transactions you allow in a session.
And then there can be limits on the number of sessions allowed from a
particular host...

Another, more radical, thing to do is to keep track of the people you talk to
and blow off all recipients the first time someone new connects to you.  This
reportedly works pretty well - for now, that is.


<Prev in Thread] Current Thread [Next in Thread>