[Top] [All Lists]

Re: slow email validation problems (was reject vs bounce)

2005-09-14 07:14:03

"Paul Smith" suggested:

BTW, the only solution to the 'keepalive' problem that I can think of other than having varying reply codes is for the server to receive the message the first time, reply with 450- until it decides whether to accept it or not, then reply '450 ' to temporarily reject the message, but record identifying details about the message (message id, envelope details, etc), then wait until the sender tries to re-send it and then accept it straight away. (This method also sort of merges the idea of 'grey listing', so might be even better at stopping spam). However, the obvious drawback is that every message has to be sent twice - which isn't good, but I can't see any other way to do it.

I am _seriously_ concerned about this suggestion.

Someone else on another list recently said that they are already doing this as a matter of routine. They were relying on the observation that many spammers just make one, pre-scripted, attempt to send each message, while good-guys will attempt a re-send.

Once spammers decide that this method of defence is starting to get in their way the obvious, easy tactic for them is to execute each spam run twice a few hours apart and, Voila! the amount of spam which _everyone_ sees is doubled.

Chris Haynes

<Prev in Thread] Current Thread [Next in Thread>