wayne writes:
Graylists require the same tuple of (sending IP address, from email address,
to email address) to remain constant. All a spammer needs to do to
get past a graylist is to make sure they use the same open proxing and
forged from email address to send to the same victim every time. This
is really not a heck of a lot of extra bookkeeping, you can often get
by with just using the same random number seeds.
Yep, I reckon about 64 bytes per address would do it. It's *trivial* for
spamware to get past greylisting; the only reason it doesn't yet, is
because it's not yet widespread.
--j.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
pgpKNfeuBkQdw.pgp
Description: PGP signature