On Fri, 23 Aug 2013, keld wrote:
Just a thought I had for spam detection: what about testing if you could
connect to port 25 on the sending MTA? Zombies behind a NAT would not be
able to be reached. I think there are some web-based mailers that could
be hurt, but maybe one could make a whitelist for those. Is this a known
scheme, and what are the pros and cons?
I think it's far more common than you think that a sending MTA isn't
listening on port 25.
But even if all sending MTAs were listening on port 25, or if there was an
RFC that told them to do so, there are probably more effective ways to
fight spam from zombies. Methods that work even if the zombie isn't behind
a NAT. DNSBLs, for example.
ietf-smtp mailing list