At 16:28 -0000 Alan J. Flavell wrote:
>On Thu, 1 Jan 2004, Tim Jackson wrote:
>
>> Hi Tony, on Thu, 01 Jan 2004 15:33:18 +0000 you wrote:
>>
>> > It's a very bad idea to accept email for invalid addresses,
>
>Right. If I refuse to accept their mail on the grounds that they're
>blacklisted, the mail has still been refused.
>
>> I think what Alan was getting at was not that it's good to accept
>> invalid addresses, but rather to check DNSBLs *before* checking the
>> recipient validity (rather than the other way round, as was
>> suggested), on the basis that it prevents spammers who are listed in
>> a blacklist from checking lists of users.
>
>Just so.
Warning: pathlogist at work here. This is really not more than a toy.
Sometimes you want to tag rather than reject, so here's a rather silly
recipe. [Change the second line for your verification criteria; I'm using
an LMTP callforward.]
deny hosts = +rbl_hosts
!verify = recipient/defer_ok/callout=10s/callout_defer_ok
message = sender_host_address is listed in $dnslist_domain\n\
$dnslist_text
log_message = said $dnslist_domain; really
dnslists = my.favourite.rbl : ...
This lies: it tells the spammers nonexistent (or :fail: or whatever)
recipients were rejected because their host is blacklisted. It might
possibly alert some postmaster somewhere, though of course the spammers
aren't interested in the extra CPU/net cycles you've burnt..
Matt