The following log excerpt (email addresses changed to protect the
innocent and guilty), seem to indicate 2 problematic issues with
spamtraps as implemented in SIMS.
18:17:18 1 SMTP-489([200.121.224.249]) SPAM? address
<[EMAIL PROTECTED]> is a SpamTrap address
18:17:18 1 SMTP-489([200.121.224.249]) SPAM? address
<[EMAIL PROTECTED]> is a SpamTrap address
18:17:18 1 SMTP-489([200.121.224.249]) SPAM? Recipient
'<[EMAIL PROTECTED]>' rejected: user unknown
18:17:18 1 SMTP-489([200.121.224.249]) SPAM? The host is now on
TempBanned list for the next 1200 seconds
18:17:18 1 SMTP-489([200.121.224.249]) SPAM? Mail from
'<[EMAIL PROTECTED]>' rejected: SpamTrap
First of all, as you can see, the session (SMTP-489) is not
terminated upon receiving the first attempt to send to a spamtrap
address, in the first line. Instead, it another spamtrap contact is
logged and then an unknown recipient is logged. Shouldn't SMTP-489
have been killed after line 1?
The second issue, which suggests a downside in using spamtrap
addresses, is that they seem not to be counted toward a tempban. The
above excerpt had been preceded by 4 rejected: user unknowns from the
same server. The first 2 items in the excerpted log (spamtraps) are
evidently not counted toward the tempban threshold, so the tempban is
not instituted until line 3, effectively, after 7 incorrect addresses.
It seems to me that if spamtraps are not doing what they are supposed
to do, and are actually interfering with the useful mechanism that
automatically blacklists servers that persistently send to bad
addresses, it is better not to use them.
Any comment?
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[email protected]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
