Author: Russell Robinson Date: To: exim-users Subject: Re: [exim] verify_sender
Hi,
On Sun, 16 May 2010 10:47:43 am Ted Cooper wrote: > A spamtrap will accept everything at RCPT time, otherwise it's very
> useless. How else would it accept all spam that comes to it? Some traps
> will return 5xx at the end of the data phase, but most will just
> silently accept the message as spam with 2xx codes all the way.
>
> Doing a sender callout to this type of email account provides no useful
> information.
Yes, you're right.
I got blacklisted at uceprotect.net because of an automated system that sent
mail to a spamtrap.
However, on reflection, it must of course be blacklisting based on RCPT
queries.
Here's a scenario that can cause this:
1. Website runs a forums which protects registrations with CAPTCHA.
2. Human being (or smart bot) signs up for the forum, solves the CAPTCHA, then
enters an email address that is a spamtrap address.
3. Forum software sends email to that address as the last part of verifying
the user. (Email goes to the spamtrap.)