You know what I would like to see is a means of sending back a message on confirmed Spam that carries the "550 User Unknown" designation and a "from" address appearing to be [EMAIL PROTECTED] (whatever it was) to make it appear believable.
I realize that a goodly number of these would bounce because the sender had a bogus address and/or domain and possibly you could only do this when the Reverse DNS lookup actually worked, but since the bounce will come back through declude you could plant a header that you could detect and simply cause the message to be discarded when it comes back (the bounce confirming it was spam). This would possibly make some of the spammers remove the apparent "bad addresses" - if any actually do that.
Another thought. Would it be possible, if not too much overhead, to do an SMTP HELO connect to the alleged sending server and verify the sending email address actually exists in the domain (after confirming the domain exists of course)? I have a utility I tried out to monitor our server that appears to do just this to partially verify the e-mail server is running. I think I would do this only after all the rest of the tests have run and the message is still good to go but suspicious.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
