On Thu, 18 May 2006, Marc Perkel wrote:
> > I'm glad it helps you, but for the folks[1] with domains that
> > are heavily forged by spammers, the callbacks themselves are
> > a additional DoS they have to deal with.
> >
> > [1] not me, but others I know.
> >
>
> Not if it's done right. Exim caches results avoiding repeated calls. And
> I do a trick with dictionary attacks where I will return a DEFER on an
> IP address for a 5 minute period if they commit certian sins that get
> their IP on my 5 minute defer lists.
>
(no cc needed, thanks)
I'm not saying don't do callbacks, but while your idea isn't a
bad one, it may not help much when you're dealing with a spammer
with thousands of compromised boxes they're sending through.
For smallish receivers doing the callbacks, this really isn't
that big a deal (at least imho). The case I'm thinking about
was one large provider's setup beating up a domain that had
literally a handful of legit Rcpt_Tos.
--
--------------------------------------------------------
Dave Lugo dlugo@??? LC Unit #260 TINLC
Have you hugged your firewall today? No spam, thanks.
--------------------------------------------------------
Are you the police? . . . . No ma'am, we're sysadmins.
