--On Tuesday, September 13, 2005 1:29 PM +0200 Steffen Kaiser
<[EMAIL PROTECTED]> wrote:
> Well, the same effort put in to detect "bad" MX hosts can be performed by
> ratware, hence, this technique can last for a short while only, perhaps the
> usefulness is gone by now.

The 2nd best solution is to use "black hole space" for the last MX, IP
space guaranteed to not have a host. This ensures that the spammer has to
time out the connection. But it means that the timeout is only as long as
the stock TCP SYN timeout.
An even better solution is to point to a host that tarpits port 25
connections. Such a host accepts the connection, but then turns the TCP
feed into a trickle, effectively forcing the spammer to tie up the
connection forever. (You can install a netfilter module on Linux called
"TARPIT" for this purpose.)
_______________________________________________
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
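
Added example, not part of the original post and not the netfilter TARPIT module it mentions: a user-space sketch of the same idea, a listener that accepts the connection and then trickles an SMTP greeting that never completes. The names `trickle`, `start_tarpit` and `observe`, the port 2525, the banner text and the timing values are assumptions made for the illustration.

```python
import asyncio

# Constructed greeting: "220-" marks a multi-line SMTP reply; the final "220 " line is never sent.
BANNER_LINE = b"220-mx.example.invalid please wait\r\n"

async def trickle(writer, delay):
    """Send the unfinished greeting one byte per `delay` seconds until the peer leaves."""
    i = 0
    try:
        while True:
            k = i % len(BANNER_LINE)
            writer.write(BANNER_LINE[k:k + 1])
            await writer.drain()
            i += 1
            await asyncio.sleep(delay)
    except ConnectionError:
        pass  # the client gave up
    finally:
        writer.close()

async def start_tarpit(host="127.0.0.1", port=2525, delay=10.0, max_conns=256):
    """Start the listener; max_conns bounds the tarpit's own socket use."""
    slots = asyncio.Semaphore(max_conns)

    async def handler(reader, writer):
        if slots.locked():  # full: drop the connection rather than exhaust descriptors
            writer.close()
            return
        async with slots:
            await trickle(writer, delay)

    return await asyncio.start_server(handler, host, port)

async def observe(delay=0.05, listen_for=0.5):
    """Connect as a client would and return what arrives within `listen_for` seconds."""
    server = await start_tarpit(port=0, delay=delay)  # port 0: any free port
    port = server.sockets[0].getsockname()[1]
    reader, writer = await asyncio.open_connection("127.0.0.1", port)
    got = bytearray()

    async def read_all():
        while chunk := await reader.read(64):
            got.extend(chunk)

    try:
        await asyncio.wait_for(read_all(), listen_for)
    except asyncio.TimeoutError:
        pass  # still waiting for a greeting that never completes
    writer.close()
    server.close()
    return bytes(got)
```

With the default `delay` of 10 seconds a client receives one complete banner line roughly every six minutes and never sees the final `220 ` line that would let it proceed.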