On 11/6/2021, Dan Mahoney (Gushi) via mailop wrote:
All,
I have email for my whole domain. I'm typically known to sign up for
services with vendor@mydomain, so that when an email gets retired or
leaked, I route it to /dev/null, or in the event of a leak, retire it
from the original place (say, [email protected]) and auto-route it to
spam reporting and bayes learning.
One of my older ones: [email protected] was a general purpose one, and
thus for that one, rather than just routing it straight to sa-learn, I
put in an autoresponder saying "the spammers won this address, if you
really want to contact me, use this".
Here's the thing though.
Spam is coming to me with VERP'ed addresses. It's getting autoresponded
to. Those autoresponses are then bouncing back to me as undeliverable.
So...you're a spammer. You're going to the trouble to do VERP. You're
throwing the responses on the ground, or even blocking their receipt.
Or your VPS got suspended (which I'm sure you saw coming).
What's the bloody point here? I mean, I know there doesn't have to be
one, buy I'f love to hear ideas as to what the possible use case is.
I mean, logically, one thing I could do is have my autoresponder detect
the verp'ed format to this address specifically, and not attempt to
respond to it (and in fact, I could report on/train on it).
The autoresponder is for legitimate humans trying to contact me directly
(i.e. nobody who will use verp). In the few years since I realized this
address was a lost cause, nobody's tried. (Although I have started
getting spam at gushi2015@domain, so that's some intelligence).
You might find a better operational experience by just rejecting the
messages in SMTP post DATA with a URL for a whitelisting web page. E.g.;
550 Rejected for spam. Please see
https://www.example.com/wl?e=<email_token>&d=<date_token>&i=<ip_token>
At least then you'll have a chance for the humans to see it w/out all of
the possible back-scatter and queues possibly filling up do to MX
records being forged and/or offline.
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
