On Tue, Apr 01, 2003 at 04:43:57PM +0100, Matt Sergeant wrote:I didn't invent this idea - lots of people have suggested it before now.
It's just dead easy to implement in qpsmtpd... The theory is that spammers
don't queue - they fire and forget. The only system that would queue is an
open relay, and those seem to be few and far between these days.
I'm dubious about the utility of this scheme
It stops spam. How more utile would you like it? ;-)
given that it only works with direct-to-MX spammers, who tend to originate from negligent ISPs and hence would exhibit a fair degree of address locality.
Have you done testing on this? It seems to me that all my spam is coming direct to MX via open proxies. Anyone using a static IP is going to end up in a blacklist pretty darn fast - hopefully by the time they get to doing their second run against my server. So far two spams got through this system in the 12 hours its been running (admittedly the early days are when its most effective, so I'll let you know how it goes in the coming days). Both came from open relays, and were detected on DNSBLs.
You could
improve it some by aging out entries in the table, but at the expense of
ongoing delays in legitimate mail.
Not really - you just age out all the entries that have only connected once (or maybe twice). That's a bit of extra work, but not much.
Matt.
