procmail

Re: Direct spam injection to secondary MX

1998-07-11 17:06:25
On Sat, Jul 11, 1998 at 06:11:06PM -0400, Chris Johnson wrote:

I realize this isn't a procmail question, but since people using
procmail are generally spam-conscious I thought I'd bring this
up here. The question is: why would a spammer choose to send me
spam in this somewhat roundabout way? Is there any advantage in
it for him? Or is his spamware just too stupid or lazy to bother
sorting MX records?

    It was a *very* intentional choice.


    Most folks who put up anti-junkmail rules do it on their
primary box, but not on any secondaries.  So, if it was a check
by IP address (e.g., they're in the Realtime Blackhole List),
odds are they can get through to one of the secondaries, who
should be guaranteed to get through to one of the primaries.

    Even if the check they're trying to avoid is one that you do
by envelope sender address, it now becomes the problem of one of
your secondaries to try to repeatedly deliver it to you, and is
no longer their problem.


    In the rare case that you've designated some well-maintained
network as your secondary (and they're better maintained than
you are), this tactic will lose.  Since most people designate
their ISP as their secondary, and the ISP can't afford to cut
off everyone on the RBL (otherwise their other customers would
scream), they tend to be more open with this sort of thing, even
if they would be inclined to be otherwise.

    In the extremely rare case where you own both primaries and
secondaries, and you take care to configure them exactly the
same way, this tactic will be a draw for them.

    Otherwise, it's a *real* big win.

-- 
Brad Knowles                           _                       _ 
brad(_at_)colltech(_dot_)com                     |_| C o l l e c t i v e |_|
http://www.colltech.com               |_     technologies      _|
"Managing Systems and Networks"         [] A Pencom Company  []
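
The following is an added example, not part of the original message: a check a primary could run so that an IP-based blocklist test is applied to the address that handed the message to a secondary MX, rather than to the secondary itself. All host names, addresses and the blocklist set are constructed assumptions, and the Received format matched is one common layout only.

```python
import re
from email import message_from_string

# Constructed values, not from the original post.
OUR_MX = {"mx1.example.org", "mx2.isp.example"}   # primary and secondary MX names
SECONDARY_IPS = {"198.51.100.7"}                  # addresses our secondaries relay from
BLOCKLIST = {"203.0.113.45"}                      # stand-in for an RBL lookup

# Matches "from <helo> (<rdns> [ip]) by <host>" after the header is unfolded.
RECEIVED_RE = re.compile(
    r"from\s+\S+\s+\((?:\S+\s+)?\[(?P<ip>[0-9.]+)\]\)\s+by\s+(?P<by>\S+)", re.I)

def injection_point(raw):
    """Return (ip, via_secondary): the address that first handed the message
    to one of our MX hosts, and whether it arrived through a secondary."""
    via_secondary = False
    for hdr in message_from_string(raw).get_all("Received", []):  # newest first
        m = RECEIVED_RE.search(" ".join(hdr.split()))             # unfold header
        # Only headers stamped by our own hosts are trustworthy; anything
        # older was supplied by the sender and may be forged.
        if not m or m.group("by").lower() not in OUR_MX:
            break
        if m.group("ip") in SECONDARY_IPS:
            via_secondary = True      # hop between our own MX hosts: look deeper
            continue
        return m.group("ip"), via_secondary
    return None, via_secondary

def classify(raw):
    ip, via_secondary = injection_point(raw)
    if ip in BLOCKLIST:
        if via_secondary:
            return "flag: listed sender relayed through secondary MX"
        return "flag: listed sender"
    return "accept"

def hop(ip, by):
    """Build one constructed Received header (folded, as an MTA would write it)."""
    return f"Received: from sender.example (unknown [{ip}])\n\tby {by} with SMTP\n"

BODY = "Subject: test\n\nbody\n"
DIRECT = hop("203.0.113.45", "mx1.example.org") + BODY
VIA_SECONDARY = (hop("198.51.100.7", "mx1.example.org")
                 + hop("203.0.113.45", "mx2.isp.example") + BODY)
CLEAN_VIA_SECONDARY = (hop("198.51.100.7", "mx1.example.org")
                       + hop("192.0.2.10", "mx2.isp.example") + BODY)

if __name__ == "__main__":
    for name in ("DIRECT", "VIA_SECONDARY", "CLEAN_VIA_SECONDARY"):
        print(name, "->", classify(globals()[name]))
```

This only works if the secondary records the connecting address in its Received header and the primary knows which addresses its secondaries relay from.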
