Re: [exim] Fighting DEA providers

Top Page
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] Fighting DEA providers
On 2014-06-03, Chris Knipe <savage@???> wrote:
> Hi All,
>
> We have a subscription service where users can sign up and receive
> free access, prior to having to subscribe. Allot of users, are
> signing up with DEA based email addresses, thus gaining access and
> more than a single free trial - which is far from ideal for us.
>
> Is there any specific MTA way of dealing with DAE providers? For one,
> that I have thought about, is that I can inject email into Exim using
> a specific router. Is there a way to tell the router to queue the
> mail for a random period of time prior to delivering it? Most DAE
> addresses will for example only be active for a short period of time,
> thus using a delay, can cause the email to bounce.


I don't think gorillamail or mailinator expire email addresses,
and the clever users can shun those services and set themselves
up as an MX using a free domain name from dyndns or no-ip.

(for dnydns list mx.fakemx.net as secondary)

> Is there perhaps any other, better, more intelligent ways of dealing
> with DAE? A RBL of sorts? We have a database of some 400 odd domains
> currently, and it's growing nicely but I'd prefer to be pro-active
> about this and block before we have to 'manually' add it to a
> database.


a: rate limit based on signup IP address.
b: captcha (mainly needed to keep the botnets out)
c: arrange anti-synnergy such that several free accounts aren't as
useful as one paid account.

--
umop apisdn