* rich...@buzzhost.co.uk <rich...@buzzhost.co.uk>: > On Tue, 2009-11-10 at 14:32 +0100, Ralf Hildebrandt wrote: > > * rahlqu...@gmail.com <rahlqu...@gmail.com>: > > > Ok regex is not my strong suit by any means. Trying to get a match for > > > email > > > addresses that start with a pipe character ( about 15% of my spam is this > > > ). > > > > That's not needed. Why are you accepting mail to NON-EXISTING > > recipients at all? > > > Ralf, may I ask, do you predictably trot this offensive answer out all > the time for fun, or just because you are bored?
If you make your system accept mail for non existing addresses, then you can do all kinds of useful research, but then you also usually know how to handle stuff you REALLY don't want to receive. In the OP's case (like he said in a PM), it's probably better to block RCPT TO:<|.*> on the MTA level. He's generating throwaway addresses to find out who's selling these contact addresses. > FYI, the last time I looked it was not a criminal offence to use a catch > all, unless the law is different in Germany? I fail to see how that matters, since he's not in Germany. And it's not. > I make heavy use of catchalls for spam tracking using 'balloon race' and > watermarking. I may, however, wish to skew and filter some combinations > despite running catch all. Makes perfect sense. > Please keep this in your mind in future before trotting out that tired > old gas. For everybody but the old scientific anti-spam geek in his/her sekrit lab it's really safer to just block mail to non-existing recipients. We're still getting enough spam that way. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
