Phil (Medway Hosting) napisał(a): >> I tend to consider them as a way of reducing spam, and everything that >> does is for the Greater Good, IMO. Also, I'm quite happy to receive this >> kind of requests at our server, so I'll happily use them myself - >> according to some principle we read in some holy book or the other at >> school... >> > > You obviously haven't received 100,000+ or more of them in one day because > > some spammer was forging the FROM from a domain that host. Let's see:
220 xxx.xxxxxx.xxx ESMTP Fri, 06 Jul 2007 13:35:38 +0200 ehlo spammer.somewhere 250-xxx.xxxxxx.xxx Hello localhost [127.0.0.1] 250-SIZE 20971520 250-PIPELINING 250-AUTH PLAIN LOGIN 250-STARTTLS 250 HELP mail from: [EMAIL PROTECTED] 250 OK rcpt to: [EMAIL PROTECTED] 250 Accepted quit 221 xxx.xxxxxx.xxx closing connection That's about 320 bytes both ways. Times 100,000 ~= 30 megabytes. Woohoo. You will have to install a few terabit/s links to deal with that I see. > NO it is NOT for > the greater good, T'is I agree with: it is so our users don't leave us all for GoogleMail, because they are too sick of the volume of spam plus spammers using their domain name in vain. I need to primarily cater to them, not to other operators, and as far as I can see they wouldn't think twice before jumping into making this tradeoff: use callouts with very low cost attached to them and have less spam, or not use callouts and suffer more of that plague. Note: you ignore another cost of bandwidth: without callouts, more spam is sent worldwide. That's a cost borne by someone as well, and that someone may be you or your users. > and would block only a tiny %age of spam. This may be so, but I would like to see some realistic numbers and experiments to show that. My own (admittedly, quick) estimates based on my mail logs indicate that the volume of spam cut short by callouts is approx. 5/6 of spam, while SpamAssassin has to deal with 1/6 remaining. > Firewalling the > entire world would also be good for blocking spam - doesn't mean its a good > idea. Try reading some of the articles on > http://www.google.co.uk/search?hl=en&safe=off&q=callouts+abusive+behaviour+spam&meta= > - > especially the ones on NANAE > > Taking the attitude of "it doesn't hurt me and sod the rest of the world" is > akin to "my machine has a virus but it still works fine - why should I > worry". > Verifying someone's e-mail address in compliance with internet-wide standard (SMTP RFC), on MX he exposed for purpose of e-mail communication with him, is like infecting others with viruses? That's kind of stretching the analogy. -- Marcin Król -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
