Spam Challenge-Response system
Andy Bradford
amb-plugg at bradfords.org
Fri Apr 10 12:53:45 MDT 2009
Thus said Michael Torrie on Thu, 09 Apr 2009 14:44:19 MDT:
> I have noticed, though, that over the last year or two more and more
> spam bots are calling back and delivering their spam. Maybe we need to
> combine greylisting with some kind of tarpit idea. Where we hold onto
> their connection for 30-60 seconds before saying, "try back later."
There are a number of things that help out in this respect. If you
really want to slow down spammers try using something like this:
telnet 166.70.45.22 25
Try talking SMTP to that if you can. :-)
A variant of your holding the connection idea has already been proven to
work:
http://www.armory.com/~spcecdt/spamware/
For example, impose a 10 second wait for all hosts and a 30 second wait
for all hosts that don't have proper reverse DNS. In addition, there are
other tricks, like sending an error if any data is sent prior to the
SMTP 220 greeting banner (aka greetdelay). Like this:
telnet 166.70.45.18 25
If you send HELO before you see the 220 banner you will not be able to
send me email.
Andy
--
[-----------[system uptime]--------------------------------------------]
12:50pm up 52 min, 1 user, load average: 1.08, 1.02, 1.01
More information about the PLUG
mailing list