Chris Edwards wrote:
> On Tue, 17 Oct 2006, Marc Perkel wrote:
>
> | Ok - I'm changing the subject line here to fork this topic. The issue is
> | sender verification during a dictionary attack. If someone was faking a
> | lot of different addresses at domain.com trying to send spam then my
> | server would do callouts trying to verify email addresses and could
> | cause a lot of collateral traffic.
>
> Rate-limiting callouts based on the sender domain only helps in the
> special case where a spammer is repeatedly using one domain for multiple
> attempts on your server.
>
> But surely most of the spam you receive has sender addresses in different
> faked domains (not just different localparts at a single "domain.com").
>
> So you'll still emit a lot of collateral traffic.

Actually from what I've seen spammers will find some misconfigured domain that they like for some reason and use it for the fake addresses. Generally a domain that has catchall accounts.
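
The traffic patterns discussed in this thread, as an added example that is not part of the original posts and is not Exim code: a sliding-window limiter keyed on the sender domain, run over constructed sender streams to count how many callouts would still go out. The class and function names, the limit of 5 per 600 seconds, and the `.example` addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque


class DomainCalloutLimiter:
    """Allow at most `limit` callouts per sender domain in any `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.recent = defaultdict(deque)  # domain -> timestamps of callouts made

    def allow(self, sender, now):
        domain = sender.rsplit("@", 1)[-1].lower()
        stamps = self.recent[domain]
        # Forget callouts that have aged out of the window.
        while stamps and now - stamps[0] >= self.window:
            stamps.popleft()
        if len(stamps) >= self.limit:
            return False  # over the limit: skip the callout for this message
        stamps.append(now)
        return True


def callouts_emitted(senders, limit=5, window=600, interval=1):
    """Count callouts made for a stream of envelope senders, one every `interval` s."""
    limiter = DomainCalloutLimiter(limit, window)
    return sum(limiter.allow(s, i * interval) for i, s in enumerate(senders))


# Constructed sample streams (not real traffic), 200 messages each.
# One catchall domain reused with changing localparts.
ONE_DOMAIN = [f"user{i}@catchall.example" for i in range(200)]
# A different faked domain on every message.
MANY_DOMAINS = [f"user{i}@faked{i}.example" for i in range(200)]
# Twenty faked domains used in rotation.
ROTATING = [f"user{i}@faked{i % 20}.example" for i in range(200)]

if __name__ == "__main__":
    for name, stream in [("one domain", ONE_DOMAIN),
                         ("many domains", MANY_DOMAINS),
                         ("rotating", ROTATING)]:
        print(f"{name:13s} callouts sent: {callouts_emitted(stream)} of {len(stream)}")
```
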
