Re: [Exim] offers123.net & possible DOS.

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: David Woodhouse
CC: Exim users list
Subject: Re: [Exim] offers123.net & possible DOS.
On Fri, 17 May 2002, David Woodhouse wrote:

> If I do this on a box from which 3 people are subscribed to a list like the
> linux-kernel mailing list, how many connections per day will it be making
> to verify owner-linux-kernel@...?


But you don't have to implement callbacks on an all-or-nothing basis.

Using v3, we've built-up a moderate-sized database of valid domains
which, in our experience, are frequently used for constructing
counterfeit addresses. Other sites would no doubt see a different
pattern of behaviour... but you could get yourself a starting point
for such a list from
http://www.monkeys.com/anti-spam/filtering/additions.html

In any case, there are plenty of domains that say OK at RCPT TO: time
to even the most preposterous addresses, and only repudiate them
later: waste of effort to list those in callbacks.

And then again, there's the rfc-ignorant sites that barf on an attempt
to send a bounce. I toyed with the idea of blocking all mail from
btconnect.com for that reason, but unfortunately we have some users
who have bona fide correspondents there - and I doubt that one little
academic department is going to convince the great might of
btconnect.com to conform with Internet standards. Anyhow, there's no
point in listing those kind of perps in your callback domains list,
either.

good luck