Or,.... The spammers will find his host and don't use the highest MX record. Or just remove his host from all the results.
My best solution would be: Marc, - Clean up the code - Write a manual howto install so every admin can install it - Write an extra bit of code which will send you all the information WITHOUT the information below. - Everybody who wants it can use your great software and we all win* I have contracts with my customers that I will not use their email for other business then to deliver it to its destination. Some of my customers will get into problems if other people know their contacts. So I can give you all information about an email message without - The from - The to - The body But with all the IP addresses and with the QUIT after 451 status. * we all know you wouldn't use it as a selling point to spammers or do something else with it but can/will you write that into a contract with all other admins. And pay a large sum of money if some data is "found" on the internet. And do we want that type of "silly" contracts. No we want to stop spam and not kill every other spamkiller (application or person) met vriendelijke groet, Maurice Lucas TAOS-IT ............................................................................ Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl<http://www.taos-it.nl/> KvK Haaglanden nr. 27254410 From: Marc Perkel [mailto:[EMAIL PROTECTED] Sent: donderdag 8 mei 2008 19:07 To: Kevin Parris Cc: users@spamassassin.apache.org Subject: Re: Experimental - use my server for your high fake MX record Kevin Parris wrote: Well now, if a spambot actually does start recognizing and avoiding his system, doesn't that mean he wins and the spammer loses? I would say YES! You should make an effort to clean it up so that others *can* install it as a standalone daemon, as I suggested. Why? How long will it be before the spambots explicitly refuse to contact your honeypot if it is listed as an MX for the domain they're attacking? I don't see that happening. If the spammers were that sharp they would send quit and close the connection properly and defeat the meathod rather than defeating just me. But it would cost them some bandwidth and speed to do that. Especially if I added some delays before doing the rejection which would cause the spammer to have to keep the connection open longer which they aren't going to do. I'm going to think about the delay thing. You inspired possibly another good idea.