[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

minor anti-spam trick - anyone tried it before me?

A number of spammers seem to use a "blast commands at the server"
approach, sending

	HELO asdf
	MAIL FROM: <asdf@asdf>
	RCPT TO: <asdf@asdf>

in one packet, and never try again if any of the commands fail for any

So, I'd guess that anything that gives some temporary error message
for the above sequence should help against such spam.  And, noticing a
spammer hit four addresses at the same time, I decided to try

	PARAM MaxSameIpSource 1

in smtpserver.conf, in the hope that all except one of the attempts
would fail, without inconveniencing "real" mail noticeably.

Has anyone tried this already?  Does it help for you?

(I realize that the trick will hurt qmail/ezmlm a bit and won't help
against relay spammers.  If djb is right, it won't hurt qmail
noticeably, and if I can limit one subset of spam without cost, I