|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sheldon T. Hall (pf
tandem.artell.net)
Date: Mon May 28 2007 - 11:04:27 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Quoth Marian Boboc ...
>
> What I want in fact is not to reject at all.
> To be more explicit I'll give an example:
>
> Spammer sends mail to user1example.com, user2example.com,
> user3example.com.
> On my system only user2example.com exists; for the other two
> destinations
> postfix will reject the message with 550 (the sender receives the
> notification of the rejected message) and of course the
> spammer will know
> that user2example.com is a valid e-mail, while the others are not.
> This method is widely used by spammers to get valid e-mails
> for the various
> domains.
>
> Now, what I want is not to reply al all in these cases, just
> to drop the mail somehow.
What you propose to do will actually have the opposite effect, if it has any
at all.
Every day, my own small site gets dozens-to-hundreds of message attempts for
non-exixtant users. I see the same notional addressees over and over, even
though those addressees do not exist, have never existed, and have never
accepted mail. One of the names, in particular, has never appeared in
public and has never had an account; it's a whole-cloth fabrication in the
spammers minds, but it gets about half the spam attempts I see.
The spammers that use the typical botnet approach must never see rejection
notices, or don't care. The mainsleaze spammers will hammer on any address
that ever accepted a message, sometimes for years after you start rejecting
that address.
Bottom line? I don't think it matters what you do. If you accept the mail,
the spammers may think the address is valid, and just send more spam to that
address. If you reject it, they may send less, or they may send more
anyway.
A potential bad side effect of discarding mail to non-existant users is that
if a legitimate sender fat-fingered a valid address, neither he nor the
intended recipent will know the mail never arrived.
So, I wouldn't do anything other than reject the messages to non-existant
users.
-Shel
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]