Re: [Exim] TARPIT ACL - for Spam Control

Top Page
Delete this message
Reply to this message
Author: Dean Brooks
Date:  
To: exim-users
Subject: Re: [Exim] TARPIT ACL - for Spam Control
On Tue, May 06, 2003 at 02:53:18PM +0200, Nico van der Dussen wrote:
>
> > >A simple implementation of this is
> > >
> > >accept  dnslists = blackholes.mail-abuse.org
> > >        delay = 4m

>
> Seems as if a new verb like "deny-delay" would be appreciated.
>
> But I'm sure there are already ways of achieving this :-)


Does anyone with a large email site actually implement
tarpit/teergrubbing?

What do you do when a spammer opens 10 channels to you every 20
seconds and you keep them open for a while? Your box would basically
become filled with idle connections, and since Exim uses a forking
model, it would potentially slow the process table runs due to the
number of processes. Depends on power of box, obviously, but still
would seem to be a potential problem.

Since the majority of the world's spam is headed towards larger ISPS
(who may not be implementing this) does all this talk of delaying
spammer connections really do anything significant, or does it just
make the owner of the victim SMTP server feel good about themselves?

I'm sort of playing devils advocate here, but I just dont see this
as being any significant deterrent to spammers unless the AOLs,
Hotmails, MSNs of the world are implementing this. After all, that's
where the majority of spammers want to go to reach the largest part
of their audience.

--
Dean Brooks
dean@???