On Sat, 9 Sep 2000, Philip Hazel wrote:
> On Fri, 8 Sep 2000, Dave C. wrote:
>
> > Well, when you reject at SMTP-time, it is the sender MTA's
> > responsibility to send the bounce. In the case of a legitimate email
> > (with a mistyped address or something), the sender MTA will usuaully do
> > so. In the case of a spam, we really don't care what it does ;)
>
> True. But for legitimate mail, I want to send all of this:
Yep. Spam sucks.
Something thats occured to me, is that sometimes spam will include
toll-free numbers (well, I guess this is somewhat US-centric) to call
to order or otherwise respond. I wonder what would happen if EVERY
person that received such a message, simply called the number, and
either left a message, or told the person that answered to stop sending
spam. (Without giving out their address or name or anything).
Probably what would happen is much less spam would have toll-free
numbers, rather than there being much less spam. Of course, not
including a toll free number might reduce their assumedly already tiny
positive response rate just enough to give them back some
annoyance.. sigh..
>
> Your message to ${LOCAL_PART}@??? has not been delivered, because
> "${LOCAL_PART}" is not a known mailbox on this system.
>
> User mailbox names normally consist of a sequence of letters followed by a
> sequence of digits. The letters are (some of) the user's initials, the last one
> being the first letter of the user's surname. The first digit is always greater
> than 0. There are a few 4-letter names that contain no digits.
>
> A common error is to confuse the digit "1" with the letter "l". For example,
> Orlando Jacob Lassus' mailbox might be called ojl234, which sometimes gets
> misread as oj1234. The digit "0" and the letter "o" can cause similar
> confusion.
>
> The web page http://www.cam.ac.uk/CambUniv/Finding/ contains information about
> finding people at Cambridge University. If you need further assistance, please
> email to postmaster@???, giving as much information as possible.
>
> That's far too much to put in an SMTP error message, but we have found
> that it does reduce load on out postmasters - at least for those senders
> that actually bother to read it (which is another problem again).
Hrm.. You could put a URL to a page with that information in the 5xx
code.. Not a perfect solution of course, but better than nothing..
>
> > Of course, it would be nice if all MTA's were smart enough to actually
> > include the text after your 5xx code in the bounce message they
> > generate ;)
>
> That's also true.
>
> > Of course, you could perhaps establish a list of 'legitimate' mail
> > servers, and accept messages from those hosts, and send the bounce. Any
> > others would get rejected at SMTP time..
>
> That is *exactly* what I do do, but the set has to be pretty crudely
> defined (e.g. I exclude all of .com) and also has to be maintained.
Hrm.. Dont have an _exclusion_ list, have an _inclusion_ list. By
default all hosts that try to send to invalid recipients get rejected
at SMTP-time. List all locally trusted servers, any big ISP's main
servers (that are known not to be open relays), anything other hosts
that occur to you to not be likely to be sending spam. (Of course, your
secondary MX's would have to share your policy)
One could then come up with a number of ways to continue building up a
list of 'legitimate' mail servers.
Possibly could also have the following - if the sender-host of a given
message is listed as an MX for the sender-domain, don't reject invalid
recipient at SMTP-time. You might get a good percentage that way - not
much spam will get through that (of course, they will learn how to
defeat that, but if they are at a fixed address, much easier for RBL to
list them, and the throwaway-dialup spammer will have a much harder
time)
