On Fri, 25 Jun 2004 12:01:35 +0200 (CEST), Steffen Kaiser wrote: > Wouldn't you qualify as an address harvester by some IDSes, > because you just connect to the server issue the RCPT TO then drop > the connection?
I guess that's a possible problem if you get a lot of mail from one domain. Have to think about that one. > (I suppose you use "MAIL FROM: <>" ;-) Yep. Don't want to get into a recursive loop with another server doing similar checks. :-) > Anyway, what about mail servers that always accepts RCPTs and fail > the connection during DATA phase only? Or when it tempfails you? > Or there is no connection possible? That just means I don't get a clear reject, so I accept the sender. > This method was discussed several times on this list and I got the > impression that it was found unreliable and good in the local > organization only. Yes, there are problems, wich is why my little test is done the way it is. I'd rather accept too much than reject too much. It still looks like it'd give good results though. Currently I'm monitoring this stuff with a small script that compares the result of the check to mails that are accepted. As the check looks now, it has not hit *any* legit mail at all. Every single mail that would have been stopped by my sender check as it looks now has been stopped by the greylist or the SA check. Of course this means that the sender check wouldn't really help me stop more spam or virii, but it would stop some of them at an earlier stage. Regards /Jonas -- Jonas Eckerman, [EMAIL PROTECTED] http://www.fsdb.org/ _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
