Hi Arnt,
On 18 Jun 2007 at 9:59, Arnt Gulbrandsen <arnt(_at_)oryx(_dot_)com> said:
This reminds me of a technique some people are using: Delay responses by x
seconds, where x is a constant. x=46 and x=90 have been mentioned as good
numbers; apparently quite a few spambots drop off at 45 seconds or less,
while hardly any proper smtp clients do.
This is fine providing that the client can't pipeline. If the client
tries to, it should be shot. The danger is, as David mentioned, in
assuming that timeouts will be honoured by anyone. That's why I propose
my alternative.
By the way, just in case someone needs a rationale for killing off clients
that talk prematurely: the idea is that a lot of broken spambots don't
actually know what a continuation line is. They will go on issuing
commands under the assumption that they have a complete, one-line response
when it becomes available. It therefore makes sense to try to convince
the client to give us a reason for terminating its connection by making it
wait while it is being issued continuation lines. My only fear is that
some other, non-spam implementation will turn out to do the same. :-(
I see no reason why your variation should have less success, and would be
very interested in seeing a comparison if you're able to carry one out.
As I said in my previous message, not just yet. I'm just floating an idea
for the moment. When I have some more time ...
Cheers,
Sabahattin
--
Sabahattin Gucukoglu <mail<at>sabahattin<dash>gucukoglu<dot>com>
Address harvesters, snag this: feedme(_at_)yamta(_dot_)org
Phone: +44 20 88008915
Mobile: +44 7986 053399