On Thu, 12 Jun 2003, James H. Thompson wrote: > It seems that much SPAM originates from hijacked open proxy servers. > http://www.fr2.cyberabuse.org/?page=abuse-proxy > http://spamcop.net/fom-serve/cache/278.html > > It would be possible to make a plugin, that on the SMTP connect, takes the remote IP > address and > does a quick check for an open proxy on the remote IP address. If it finds an open > proxy, it could > block the connection, and add the IP to a local DB of IPs to block. It could also > remember the IPs > that passed if that made sense from a performance standpoint. > > Would a plug-in like this be a useful tool? Worth writing?
It's often considered rude to connect back on someone sending mail. We just do proxy checking on detected-spam so we don't piss off the innocents. However you're right - it's extremely effective. Catches about 65% of our spam. If you gave it at least a whitelist system, and some sort of back-off system (so you only test once a day) it might be considered OK. I use proxycheck here. Works pretty well. http://www.corpit.ru/mjt/proxycheck.html -- <!-- Matt --> <:->get a SMart net</:-> Spam trap - do not mail: [EMAIL PROTECTED]
