On Fri, Oct 01, 2004 at 05:27:12AM -0400, Hector Santos wrote:
But I am not seeing any change whatsoever. A good example is adding a
multi-line Welcome response at the connection level. You will find a vast
40% of the bulk spammers dropping the connection because their primitive
SMTP sender scripts are not handlng multi-line 220 responses. These guys
are simply NOT adopting to this simple change in their software to get pass
the connection level. They round-robin blast their attempts across the
entire spectrum of class c addresses. So I have a huge log of 255 continous
transactions with a HELO domain and thats it.
Hector, I'm not certain what your mail volume is but your analysis is
fairly short sighted. Today, maybe 12% of failed deliveries fail due to
that reason. Inside of 12 months that number will be 2%, and even less
after that. Yes, we'll still see this from spam-bots in 2009 I'm sure.
But the volume will be so low as to be irrelevant.
You are completely forgetting that there are people making money from spam
-- the ones selling the shovels! (sorry, California gold rush joke) The
ones who write the spamming software and provide the spam bots are making a
lot of money. So they'll release a new version that gets around this
problem and get paid an upgrade fee. And we'll have the problem again.
In the last few months we've even started to see greylisting falling off,
as the spam bots are now taking 4xx errors and retrying again. A few were
badly written, and were re-trying every second :-(
Spammers evolve. Really.
--
Joe Rhett
Senior Geek
Meer.net