Re: [exim] verify_sender

Top Page
Delete this message
Reply to this message
Author: Russell Robinson
Date:  
To: exim-users
Subject: Re: [exim] verify_sender
Hi,

On Sun, 16 May 2010 10:47:43 am Ted Cooper wrote:
> A spamtrap will accept everything at RCPT time, otherwise it's very
> useless. How else would it accept all spam that comes to it? Some traps
> will return 5xx at the end of the data phase, but most will just
> silently accept the message as spam with 2xx codes all the way.
>
> Doing a sender callout to this type of email account provides no useful
> information.


Yes, you're right.

I got blacklisted at uceprotect.net because of an automated system that sent
mail to a spamtrap.

However, on reflection, it must of course be blacklisting based on RCPT
queries.

Here's a scenario that can cause this:

1. Website runs a forums which protects registrations with CAPTCHA.

2. Human being (or smart bot) signs up for the forum, solves the CAPTCHA, then
enters an email address that is a spamtrap address.

3. Forum software sends email to that address as the last part of verifying
the user. (Email goes to the spamtrap.)


--
Russell Robinson (russellr@???)