"Jason R. Mastaler" <[EMAIL PROTECTED]> writes: > Tim Legant <[EMAIL PROTECTED]> writes: > > > I know you eventually want to block at the MTA level and that this > > is just a test, but for anyone else considering bouncing this crud > > at the TMDA level, you should probably just drop them instead. > > What about non-spammers sending mail from a freemail account?
Good point. Also, another good argument for blocking this stuff at the MTA level, preferably by IP, since domain name matching doesn't really work there, either. > I'd like them to know that I didn't accept their message so they > have the option of resending it with another address. I have at least two friends whose only address is at Yahoo. Neither would be able to send mail to me in either case (drop or bounce), unless I had pre-whitelisted them. I have, of course, but other potential correspondents in the same situation wouldn't be able to get through. I wonder if it's more rude to imply that you ignored them or to let them know explicitly that they're not allowed to email you. <wink> > Dropping is dangerous, because the assumption is that I've received > the message and just chose not to respond. Agreed. Yet another reason to do this at the MTA level where the message can be rejected before it even enters your system. Then there's no need to try to bounce to an invalid address at all. > > Save yourself the trouble (and Yahoo's servers the load of telling > > you the account is invalid) and just drop them. > > To a great extent, this is minimized by the smtp-check-sender script > which I call before the bounce=bounce_freemail.txt line. This doesn't > work with invalid Yahoo addresses because they use qmail, but it does > work with the other freemail sources such as Hotmail. Yup, that would help. I wonder if that's why so many spammers spoof a yahoo.com address. Out of nearly 800 messages in my pending directory, only 58 have a Hotmail Return-Path while 3 times that many have a Yahoo Return-Path. Interesting. I'm curious if you see a similar ratio in the vast pile of junk you collect (vaster than mine, anyhow). As I mentioned on -users, I've begun collecting the IPs from confirm requests that bounced and adding them to my local RBL. This avoids the whole problem of spoofed domain names, so valid Yahoo users can get through but the relays used by spoofing spammers get blocked. So far I haven't seen any spam from a Hotmail or Yahoo IP, but lots from DSL customers in Brazil. Tim _________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
