starting saturday, i've been getting an increasing amount of
fake bounce spam predending to be a undelivered mail
notice from MAILER-DAEMON or similar. overnight i
received >500 such emails. as an emergency measure, i applied
this terrible hack to smtpd:
; 9diff smtpd.c
/n/sources/plan9//sys/src/cmd/upas/smtp/smtpd.c:1175,1180 - smtpd.c:1175,1184
"recipients");
return -1;
}
+ if(1){
+ werrstr("rejected: /dev/null likely spam ");
+ return -1;
+ }
return 0;
}
unfortunately, if i really do send mail that bounces, i won't know
about it.
i suppose it would be much better to accept bounces only from addresses to which
email has been sent. though that may mean maintaining a list (per user?).
- erik
