[linux-elitists] Current client-side anti-spam best practices

Don Marti dmarti@zgp.org
Wed Sep 27 12:01:37 PDT 2006


begin Ben Finney quotation of Wed, Sep 27, 2006 at 08:57:45AM +1000:

> I can sympathise, as the great majority of my spam is easily rejected
> with such metadata checks, and it does bite that they don't apply at
> my remote alias MTAs.

Yes, but "bulletproof" or "bulk-friendly" net service
costs spammers more than regular net service costs us.

Remember Blue Frog?  It worked, but its joe-job
potential was too high.  The place to make spammers
pay for extra bandwidth is in the actual SMTP
connection they open to you, not in a connection that
you open back to them.

Ways to make spammers pay more without DoSing anyone:

1. Run lots of spamtrap addresses per real address --
   use them to score servers for step 3, or just
   throw the mail away.

2. Prefer "eat and classify" to "inspect and refuse"
   (and never "accept and bounce" -- spammers forge
   mail).

3. Use netfilter to drop some incoming port 25
   packets, with a probability proportional to the
   "spamminess" of the sender.  Like greylisting,
   but two levels down in the burrito.

-- 
Don Marti                    
http://zgp.org/~dmarti/
dmarti@zgp.org 
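
Added example, not part of the message above: one way to wire items 1 and 3 together, counting spamtrap hits per sending IP and emitting netfilter rules that drop port 25 packets with a probability proportional to that count. The log format, function names, thresholds and the sample data are assumptions; the rules use the iptables "statistic" match.

```python
"""Turn spamtrap hits into probabilistic port-25 drops (added example)."""
import ipaddress
from collections import Counter

# Constructed sample log, assumed format: "<epoch> <client-ip> <trap-rcpt>".
SAMPLE_TRAP_LOG = "\n".join(
    [f"1159383600 192.0.2.10 trap{i}@example.org" for i in range(5)]
    + ["1159383601 198.51.100.7 trap0@example.org"]
    + [f"1159383602 203.0.113.5 trap{i}@example.org" for i in range(12)]
    + ["1159383603 not-an-ip; trap1@example.org"]  # malformed on purpose
)

MAX_DROP = 0.9      # cap below 1.0 so a mis-scored sender can still get through
HITS_FOR_MAX = 10   # hypothetical threshold: this many hits reaches the cap


def score_senders(log_text):
    """Count spamtrap deliveries per IPv4 sender, skipping malformed lines."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue
        try:
            ip = ipaddress.ip_address(fields[1])
        except ValueError:
            continue  # never let unparsed log text reach a firewall rule
        if ip.version == 4:  # iptables is IPv4; IPv6 would need ip6tables
            hits[str(ip)] += 1
    return hits


def drop_probability(hit_count):
    """Scale linearly with hits ("spamminess"), capped at MAX_DROP."""
    return round(MAX_DROP * min(hit_count, HITS_FOR_MAX) / HITS_FOR_MAX, 2)


def build_rules(hits, chain="INPUT"):
    """Emit one random-drop rule per scored sender, in stable order."""
    rules = []
    for ip, count in sorted(hits.items()):
        p = drop_probability(count)
        if p > 0:
            rules.append(
                f"iptables -A {chain} -p tcp --dport 25 -s {ip} "
                f"-m statistic --mode random --probability {p:.2f} -j DROP"
            )
    return rules


if __name__ == "__main__":
    print("\n".join(build_rules(score_senders(SAMPLE_TRAP_LOG))))
```

The script only prints the rules; review them before loading, and expire old scores so a reassigned address is not penalised indefinitely.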