Diego wrote:
Dears,
I'm submitting (from Italy) this simple change to your challenge/response system: it works faster, with less false positives (0% even with newsletters), less traffic, and less human operations.
The simple change is to turn the system in a challenge-NON-response system: when an unknown sender try to enter an InBox, a test message is immediately sent to the declared sender (and you do it now):
- if the sender is inexistent, the test message bounces and the related message (the most of spam) can be deleted.
Hmm, but what if the sender does not exist and the domain part of the sender address does not have MX or A records? Wouldn't the test message sit in the MTA's outgoing queue, _and_ the unknown mail in the user's INBOX, until the queuetime expires? Which usually is several days.
Correcting myself :-) :
The testmessage _would_ bounce quickly if the senders domain doesn't have MX or A records. But if the domain does have MX or A records and the mail server cannot be reached, then it would sit in the outgoing queue until queuelifetime expires. So, my point is that a spammer just need to make sure to use a domain with unreachable mailservers, for example "@example.com", or why not "@www.microsoft.com".
Correct?
_____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
