Folks, I have seen some varied discussion here and other places about stopping spammers. Most folks use filters, like spam assassin and other spam filtering software. As far as I can tell, this does not stop the use of the bandwidth. Please correct me if I am wrong.
I see that most inexperienced pond-scum spammers do not know how to use a valid domain, or use their own servers domain, which is stoppable at the front door by using reverse lookup and noto lines in smtpd-check-rules or by getting the spammer booted from their host. This worked for me for several months. However, there are those who are more experienced at spamming and wasting bandwidth by using an open SMTP server (in most cases) that has a valid reverse DNS, but yet claim to be someone else, thereby causing bounce messages to bounce back to the SMTP server, etc., and using more bandwidth. To me this could be a vulnerability if a spammer wanted to flood a server on the SMTP port causing thousands of bounced messages to be generated and loading down the server... What I am wondering/wishing is if code can be added to the SMTP server software to make it compare the actual valid DNS upon reverse lookup to the domain being claimed by the connection. If the claimed domain is not found anywhere within the string returned on the reverse lookup, the connection would be closed with a 550 error to the SMTP server and stopping the spammer at the front door and saving bandwidth. It should be just a simple comparison function to determine if the reverse lookup matches the domain being claimed. It would be a very useful feature! I have won half the battle with the reverse lookup, and now I am wanting to put the nail in the coffin... My only problem is I do not know how to modify the smtp server software. Anyone here capable of doing that? I am still with SME 5.1.2 until the spam problem is resolved with later versions. Tom Carroll -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Searchable archive at http://www.mail-archive.com/devinfo%40lists.e-smith.org
