Serge Knystautas wrote: > > Theory of spam prevention and fast-fail aside, I was thinking about > adding a mailet to James that would look for DOS attempts,
<snipped> I would tend towards a Mailet that maintained the statistics, computed the probability that a mail is the result of a DOS attack and recorded the probability in the mail. An accompanying Matcher could then match on a given probability threshold and invoke any pre-existing Mailet or Processor to take the desired action. This could include bit-bucketing it, sending it to the Spam processor, whatever. For internal James use the probability could be recorded as a MailAttribute, but it would also be useful to have the capability to write the information as an X-Header so a downstream server or a client could take the desired action. Come to think of it, a separate Mailet that transformed a MailAttribute to an X-Header would be generally useful if it enfuses anyone. The probability would need to be calculated using degrees of certainty based on the number of observations so as not to skew the results towards a few negative observations caused by non-malign human errors. Regardless of implementation, beyond handling DOS attacks, it provides greater flexiblity than treating all mail for unknown users in a local domain in the same way. It would allow us to distiguish between persistent offenders and occasional mistakes, enabling the option of treating the former harshly and the latter in a more kindly manner. Currently I just bit-bucket all such errors. -- Steve --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
