This isn't about spam, this is about unknown users
don't cut it too fine, both are mail abuse.
, which can't be filtered until there is knowledge of whether or not the user exists
Don't filter anything until the user and sender are verified.
which means it has to touch the imail server for user account reference.
All (non-mailbox) SMTP gateway/MX's should/must verify the recipient as existing before accepting the mail for a relayed domain.
Going further, MXs like IMGate then verify the sender before accepting the mail to known users. This almost eliminates IMGate from being victimized by and from amplifying joe-jobs and the forging of [EMAIL PROTECTED]
Going further, send IMGate enough msgs to unknown users and IMGate will rejects ALL mail from that IP and from a full ClassC.
Does it work? wonderfully, from yesterday at an Imail ISP in Florida:
1 SMTP Exceeded Hard Error Limit after CONNECT 2 ACL RAV: new verification 3 ACL [EMAIL PROTECTED] 3 ACL RAV: undeliverable recipient address 3 RBL opm.blitzed.org 12 SMTP unauthorized pipelining 13 RBL relays.ordb.org 17 RBL relays.visi.com 58 SMTP Exceeded Hard Error Limit after END-OF-MESSAGE 86 SMTP invalid [EMAIL PROTECTED] 154 DNS no A/MX for @recipient.domain 158 ACL unauthorized relay 169 ACL to_local_recipients unknown recipient 230 ACL body checks 255 SMTP invalid [EMAIL PROTECTED] 271 SMTP Exceeded Hard Error Limit after MAIL 480 ACL from_senders_bw 484 RBL list.dsbl.org 656 ACL header checks 764 DNS timeout for MTA PTR hostname (forged @sender.domain) 1114 ACL PTR mismatches with BigISP HELO 1161 ACL No PTR for big ISP HELO hostname 1175 DNS no A/MX for @sender.domain 1430 RBL dnsbl.njabl.org 1435 ACL from_senders_imgfx 1768 ACL SAV: new verification in progress 2302 ACL SAV: undeliverable sender address << sender undeliverable 2387 ACL unqualified helo hostname 3297 DNS nxdomain for MTA PTR hostname (forged @sender.domain) 3331 ACL MAIL FROM: bigISP forged 3809 ACL from_senders_slet 4431 ACL mta_clients_bw 5172 ACL helo_hostnames 6894 RBL bl.spamcop.net 11336 ACL SAV: unverifiable sender address << sender unverifiable 14433 SMTP Exceeded Hard Error Limit after RCPT 17298 ACL mta_clients_dict <<< blocked for sending to unk usr 20875 SMTP Exceeded Hard Error Limit after DATA 21713 ACL to_relay_recipients unknown recipient <<<< ============================================================== 131331 TOTAL
That's 130 K msgs kept off the mail box server completely about a full day.
Len
_____________________________________________________________________ http://MenAndMice.com/DNS-training: Wash DC; Dallas; Atlanta IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
