Spamcop listed - need help to diagnose why
Ted Mittelstaedt
tedm at toybox.placo.com
Mon Jan 9 22:05:17 PST 2006
>-----Original Message-----
>From: owner-freebsd-questions at freebsd.org
>[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of jdow
>Sent: Monday, January 09, 2006 8:48 AM
>To: danial_thom at yahoo.com; David Banning
>Cc: freebsd-questions at freebsd.org
>Subject: Re: Spamcop listed - need help to diagnose why
>
>
>Spam I sort through. With SpamAssassin scoring it's easy to find
>the low scores and concentrate on them. But somebody arrogant enough
>to spam me with a challenge for a message to a mailing list ends
>up on my procmail /dev/null rules. (I use fetchmail to grab mail
>and procmail to feed it to /var/spool/mail/<name> with stops along
>the way for SpamAssassin, ClamAv, and some random cleverness.)
>
Unfortunately, jdow, since your using this setup, the spammer has
already successfully delivered the mail to you. The fact that you
delete the spam before reading makes no difference - the spammer
doesen't know that and thinks they have successfully delivered it.
Denying the spam before it's even accepted into the server is a
much better way. Unfortunately, a content filter means you have to
read in the DATA section of the message to get material to filter.
However, there's been some experimental work done on content filter
systems that will read in the message then simply stop issuing TCP
acknowledgements before
closing, and log IP and refuse further communication from it. The sender
times out with a network failure, and thinks the message was never
successfully delivered. Pretty ugly stuff, though, violates all sorts
of application separation rules.
Ted
More information about the freebsd-questions
mailing list