[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

minor anti-spam trick - anyone tried it before me?

To: zmailer@nic.funet.fi
Subject: minor anti-spam trick - anyone tried it before me?
From: Arnt Gulbrandsen <arnt@troll.no>
Date: 27 Oct 1999 00:31:07 +0200

A number of spammers seem to use a "blast commands at the server"
approach, sending

	HELO asdf
	MAIL FROM: <asdf@asdf>
	RCPT TO: <asdf@asdf>

in one packet, and never try again if any of the commands fail for any
reason.

So, I'd guess that anything that gives some temporary error message
for the above sequence should help against such spam.  And, noticing a
spammer hit four addresses at the same time, I decided to try

	PARAM MaxSameIpSource 1

in smtpserver.conf, in the hope that all except one of the attempts
would fail, without inconveniencing "real" mail noticeably.

Has anyone tried this already?  Does it help for you?

(I realize that the trick will hurt qmail/ezmlm a bit and won't help
against relay spammers.  If djb is right, it won't hurt qmail
noticeably, and if I can limit one subset of spam without cost, I
will.)

--Arnt

Prev by Date: problem with fqdnsaliases and '-' in domainnames
Next by Date: Re: problem with fqdnsaliases and '-' in domainnames
Prev by thread: Re: problem with fqdnsaliases and '-' in domainnames
Next by thread: header corruption -- solved
Index(es):
- Date
- Thread