On Fri, 2002-10-11 at 01:28, Carl E. Mankinen wrote: > With all this talk of SA stalling, I decided to go ahead and post an idea > that a friend of mine posed to me a couple days ago. I don't think he is > interested in posting to the list, but he hates spam as much as I do. > > The idea is to do something like the "CodeRed" tarpit (labrea, heh) did for > infected IIS servers, but instead use the technique to slow down MTA's that > are being used to deliver spam. > > It would be trivial to modify spamassassin on a high score spam email, to > hand off the address of the offender to a tarpit daemon. > > So if your MTA receives some spam, start sending half open tcp session > requests to the spam source/openrelay and slow it down. If a spammer hits > enough tarpits, then it would have the effect of totally DoS'ing the relay > he is using. I know that some of you will say this is a big legal risk, but > I wonder... > > What if you changed your 220 line to say "By connecting you agree to legal > terms at http://blahblah"; ? > Would that be sufficient to prevent legal issues? (I am sure some company > will get pissed their mail server stopped working, and rather hire attornies > instead of geeks to fix the problem.) > > Has anyone done anything like this yet? or has the idea been shotdown? >
I though qmail had/has something like this already. It's based on blackhole lists. It's covered in detail in the qmail handbook, which I conveniently left home today. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
