Hi,
I fear there are already more zombies than admins ...
It is a good idea to implement some kind of limiting, however, both on senders
and receivers.
Some big ISPs dont take more than ## mails per hour from any other server,
unless the other
one is a biggie too, or there is mutual agreement.
L
On Thu, 17 Nov 2005, mouss wrote:
Roger Taranto a écrit :
If it didn't tie up sockets on our machines, it seems like instead of
rejecting the mail, we should just hold on to the mail connection for as
long as possible. It wouldn't take too long to tie up all of their
outbound connections an
PROTECTED] designates
>> 212.202.99.227 as permitted sender)
>> Date: Sat, 19 Nov 2005 15:31:24 +0100
>> To: users@spamassassin.apache.org
>> Subject: Re: [sa-list] OT: Spammers' reactions to rejection
>> X-Mailer: Virtual Access Open Source http://www.virtual
Magnus Holmgren wrote on Thu, 17 Nov 2005 19:04:06 +0100:
> Spammers need to clean their address lists once in a while, lest they
> end up with a very low proportion of valid addresses, right?
They do not care at all, at least not those which make up for the majority
of spam. They don't even ca
Kris Deugau wrote on Fri, 18 Nov 2005 12:54:54 -0500:
> A nice thought, but absolutely useless in the case where you receive any
> volume of mail from a host running qmail. :(
Doesn't it try to deliver the rest a bit later? After all, it should
recognize that it was able to deliver a few ...
> I would vote that these "legitimate mailing list" are not so
> legitimate if they can't clean up bounces after several years of
> getting them.
Legitimate != well-run.
--
Dave Pooser
Cat-Herder-in-Chief, Pooserville.com
"In our family, happy usually involves gunfire and at least
two patrol cars
At 04:09 PM 11/18/2005, Vivek Khera wrote:
On Nov 17, 2005, at 2:05 PM, Kelson wrote:
incoming mail. I turned them back on, unsubscribed from everything
for a few months to weed out any legitimate mailing lists that the
old users might have subscribed to, and eventually turned them into
spam
On Nov 17, 2005, at 2:05 PM, Kelson wrote:
incoming mail. I turned them back on, unsubscribed from everything
for a few months to weed out any legitimate mailing lists that the
old users might have subscribed to, and eventually turned them into
spam
I would vote that these "ligitimate m
"Dan Mahoney, System Admin" wrote:
> Three firewall rules I think nobody should live without:
>
> 1) ipfw add 500 allow tcp from any to me 25 limit src-addr 2 setup
>
> Yup, you read that right. Limits tcp connections to no more than two
> per connecting address. You could probably even drop th
On Thu, 2005-11-17 at 11:55, Christian Recktenwald wrote:
> On Thu, Nov 17, 2005 at 11:42:44AM -0800, John Woolsey wrote:
> > It would be an interesting addition to a honeypot. Make the mail server
> > just hang up and not respond to tie up connections on the spammer.
>
> There's a cool piece of s
On Thu, 17 Nov 2005, mouss wrote:
Three firewall rules I think nobody should live without:
1) ipfw add 500 allow tcp from any to me 25 limit src-addr 2 setup
Yup, you read that right. Limits tcp connections to no more than two per
connecting address. You could probably even drop that to one.
From: "Kelson" <[EMAIL PROTECTED]>
Magnus Holmgren wrote:
Question: Is there any knowledge as to how spammers deal with different
kinds of failure? Does it matter if I reject the RCPT command or the
MAIL command, or even drop the connection right away
I'm sure it depends on the spammer, but a
On Thu, Nov 17, 2005 at 11:42:44AM -0800, John Woolsey wrote:
> It would be an interesting addition to a honeypot. Make the mail server
> just hang up and not respond to tie up connections on the spammer.
There's a cool piece of software holding tcp connections
alive as long as possible called "la
Roger Taranto a écrit :
If it didn't tie up sockets on our machines, it seems like instead of
rejecting the mail, we should just hold on to the mail connection for as
long as possible. It wouldn't take too long to tie up all of their
outbound connections and back up their mail server. Unfortu
Roger Taranto wrote:
> On Thu, 2005-11-17 at 10:17, Matt Kettler wrote:
>
>>Magnus Holmgren wrote:
>>
>>>Spammers need to clean their address lists once in a while, lest they
>>>end up with a very low proportion of valid addresses, right?
>>
>>No, they don't have to clean it.
>
>
> If it didn't
It would be an interesting addition to a honeypot. Make the mail server just
hang up and not respond to tie up connections on the spammer.
- bfn - JAW
-- Original Message --
From: Roger Taranto <[EMAIL PROT
On Thu, 2005-11-17 at 10:17, Matt Kettler wrote:
> Magnus Holmgren wrote:
> > Spammers need to clean their address lists once in a while, lest they
> > end up with a very low proportion of valid addresses, right?
>
> No, they don't have to clean it.
If it didn't tie up sockets on our machines, it
Magnus Holmgren wrote:
Question: Is there any knowledge as to how spammers deal with different
kinds of failure? Does it matter if I reject the RCPT command or the
MAIL command, or even drop the connection right away
I'm sure it depends on the spammer, but a while back I started looking
at the
Magnus Holmgren wrote:
> Spammers need to clean their address lists once in a while, lest they
> end up with a very low proportion of valid addresses, right?
No, they don't have to clean it.
Let's face it.. spammers are currently making extensive use of dictionary
attacks to add more addresses to
Spammers need to clean their address lists once in a while, lest they
end up with a very low proportion of valid addresses, right?
Question: Is there any knowledge as to how spammers deal with different
kinds of failure? Does it matter if I reject the RCPT command or the
MAIL command, or even drop
20 matches
Mail list logo
