Here's my take: Ever met an MTA/MUA that _changed_ it's HELO name
mid-stride when you refused the first one? I didn't think so.
My copy uses DENY_DISCONNECT :)
-f
On Wed, 8 Feb 2006, John Peacock wrote:
Date: Wed, 08 Feb 2006 11:10:50 -0500
From: John Peacock <[EMAIL PROTECTED]>
To: [email protected], Charlie Brady <[EMAIL PROTECTED]>
Subject: Re: Should spamhelo DENY_DISCONNECT?
Charlie Brady wrote:
I don't want to waste my time talking to a spambot claiming to be
"aol.com". And there a big chance that he will ignore my 550 code, and will
send me the message anyway.
Except that qpsmtpd won't continue to play with that server (i.e. every
subsequent line will be refused). I'm actually looking at this with
require_resolvable_fromhost, which actually does (currently) a DENY_SOFT,
which is even more wrong.
I think what we need is a "three-strikes" meta plugin: if a remote MTA has
been sent a DENY_SOFT or DENY and continues to attempt the send a message (in
the former case without issuing an RSET), then we just drop them. I'm not
sure how easy that will be to add to the core code (we don't really have a
true FSM that we could just add that branch).
John
