.. wrote:
In article , Andy Hall
writes
On 29 Jan 2005 01:57:00 -0800, "Mathew J. Newton"
wrote:
Andy Hall wrote:
On Thu, 27 Jan 2005 08:34:33 +0000, "."
wrote:
In article , Peter Ramm
writes
On Wed, 26 Jan 2005 00:58:51 GMT, raden wrote:
For anyone interested, I shall be using this email address from
now on.
I'm sure spammers' address harvesters will be ;-)
Having been looking at this for a while... it seems that most
harvesters
only pick up the domain address so in my case lots of stuff arrives
@chapelhouse, I set a simple filter that bounces anything without an
addressee, this reduces the spam to the odd few which are not a
problem.
Demon are filtering spam now anyway which has cut it down even
further
It's better to silently drop messages to users in your domain who are
not addressees rather than bouncing them. If you bounce them, the
spammer knows that he has a live domain and will then just try common
names at that domain.
Surely though the lack of *any* failure also indicates that the spammer
has got a 'live' domain?
If you silently blackhole the messages, the spammer will assume they
got to the intended recipient and probably do nothing more. If the
mail is rejected as undeliverable with SMTP, it attracts attention.
I've tried three different methods:
- Bounce the message back after accepting it on the SMTP server.
- Reject it as undeliverable to the specific user by the SMTP server.
- Silently black hole.
THe first two seem to both cause additional messages to users like
"postmaster" and common first names to be sent.
Being silent seems to stop this.
But AIUI most spamming is not done from an original address but from a
hijacked address (I have been the victim of this myself) so if this is
the case it doesn't matter whether you bounce or blackhole, the original
spammer never sees it anyway. You can argue that you waste bandwidth and
inconvenience any address that has been hijacked but as for getting a
response from the original source I can't see it myself.
I agree.
Spam comes in several carttegories.
One categories is 'no valid return address' and usually invites you t
visit a web site. Bouncing it is useless - there is nowhere to bounce,
and chances are the bounce will bounce back to YOU as the originator of
the bounce.
Black hole it.
Anoher class is that which uses hijacked valid addresses to escape being
bounced as invalid return address. Chances are that bouncing this back
to teh poor sucker whos adress is nicked will cause grief and extra
traffic.
Black hole it.
Anoher class is that which uses a temporary address on MSN, AOL, or
Yahoo. Tes have limits obn recipeint lists for uploading, so teh normal
way tehse guys work is to use an open relay, which will very soon get
blocked off and blacklisetd. So anything fo a blacklisted relay may be
safely black holed.
The final class of spam is from quasi legitimate business that have
acquired your e-mail address, and are sending circulars. Most of these
will get throiugh spam filters, and most of tehm will allow you to
de-register. If not, you know who they are and can bounce messages back
if you like.
I have been developing my spam filters on my ISP, and have now a very
good combiantion.
- addresses to individuals in my domains that do not exist, are bounced
with a 'no known user' - this takes care of all te crap fora similarly
named domain I used to get.
- addresses from blacklisted relays are silently refused at SMTP level
- addresses from individuals on spoof non existent return addresses are
junked.
- all mail from AOL, yahoo and MSN is junked, with named exceptions for
the very few pople I know that actually are dumb enough to use it.
- address from certain companbies that still spam me after requests not
to are returned with pithy messages.
All this is done at my ISP (ww.calar.net) site on their machines, but
under MY control. That way I do not have to download spam - they reject
it or dump it there, saving me time and bandwidth.
|