joej wrote:
Greetings.
While its a pretty brute force approach, one method I’m trying is to curtail the source of email. In otherwords, if smtp traffic comes from an unknown source it gets directed to a sendmail server that intentionally rejects the email message (550 with a informational message/url). If the email message comes from a “known” source (friend/family’s ISP) it gets routed to my main sendmail server which allows most email after checking for the obvious (non resolvable domains, blacklisted domains etc) using an access lists. I’ve cut down on Spam (including this account which I use solely for NANOG) to about 0. Granted the amount of valid email that can get rejected is high, but since I log the bounces on the drop server I can look for obvious rejects from good/expected email servers. Not by any means a solution to/for a large even medium size provider, but for a small home based setup it works well. Details at http://www.sumless.net/nsh.html
Cheers, -Joe Blanchard
Hi Joe, 1) You send bounces from spammers to innocent people, whose addresses have been forged. 2) Even if you modified the return address, so the bounce returns to the zombie, it does not make sense. Bots dont listen. Looks like you are adding to the noise and chance is good you are finding youself in a blacklist. 3) You are dropping valid emails. It might make more sense telling your friends not to send emails to port 25 but to port 26 if they want to get in. The spammers dont know how to switch to port 26. They will knock on the door once and go away. Another means would be switching to uucp. I have not seen any spam on our little uucp network yet. Cheers Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de mail: peter@echnaton.arl.pirates http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ http://www.cesidianroot.com/