Autor: Marc Perkel Data: A: Thomas Tonino CC: exim-users Assumpte: Re: [Exim] TARPIT ACL - for Spam Control
Yes - the ide would be to make it slow and expensive for spammers to
connect to our servers. So expensive perhaps that they create a
blacklist to avoid us! I would love to be on that blacklist.
Thomas Tonino wrote:
> Now I had a different idea based on the fact that sending spam is
> cheaper than handling the mail for the receiver.
>
> Delaying/tarpitting makes sending a bit more expensive. But it being
> just an open conection means it doesn't help a lot. But it can limit
> the amount of mail getting into your system if you set a limit on
> simultaneous connections per IP.
>
> Now, if we would send a lot of continuation lines in the response, for
> every RCPT, the session would use real resources for the spammer. The
> current situation is perhaps 60 bytes per recipient. We could raise
> that to 1200 bytes.
>
> A dial-up spammer would drop from sending 100 mails per second to 5
> mails per second.
>
> Of course it is pretty inelegant. But it could be a suitable resonse
> for hosts one a dynamic IP list if you do not want to totally block
> them, and think delaying alone is not effective enough. Just because
> it raises the effort for non legitimate mail more than it is for real
> mail.
>
> And it only helps in cases where the spammer bandwidth is limited, and
> the victim has soem bandwidth to spare. That means it would work for
> large ISPs.
>
> BTW while setting up tarpitting I've noticed that using message = in a
> deny statement does not give anything back in the SMTP session. Any
> way around that? It would at least be nice to send some indication why
> our mail server seems so slow.
>
>
>
> Thomas
>
>