On Monday, December 20, 2004, 12:08:16 PM, Frank Precissi wrote:
On Mon, Dec 20, 2004 at 08:45:48PM +0100, Nick Askew wrote:
Hi,
I have MDaemon installed and lately it has been working wonders to reject spam. However I've noticed that all it does is bounces the mail back to the person who supposedly sent it. Now we all know that it is almost always some innocent address or a fake address and so best case the bounce is pointless and worst case some innocent person is being bombarded with mails.
AFAIK most daemons respond with a 5xx error when it gets a successful surbl result. I dont see this as being any different than normal RBL's which give an error on connection.
Keep in mind that some folks use SURBLs at the MTA level and others use it after the MTA has already accepted the mail, such as with SpamAssassin. (It is possible to call SpamAssassin from the MTA so that its results can be used to cause the MTA to reject mail, but that's a somewhat uncommon configuration.)
I'm relatively new to all this so please forgive me if this has been suggested before or indeed if it is simply possible with other mail servers. It occurs to me that we could list the various abuse addresses of the ISP hosting the black listed site and this could be returned when a match is found. If the server software then bounced the mail not to the sender but to the abuse address we would seriously start to affect these ISP's.
Most of these domains either dont have abuse addresses, nor care about any abuse email that rolls their way (the're just dummy domains who only exist for a month to spam, then die).. What you are suggesting is going to result in my server queueing the message (rather than just returning a 5xx half way through the SMTP conversation) and sending it to a (probably bogus) abuse address, which will bounce..
Probably that's the most likely result. As I mentioned in the other reply, generally speaking it's not a good practice to send any outbound network traffic in response to a spam. As Nick and others note, that can result in a DOS of both the sending and receiving servers.
It's probably better to remember or use information about spams received to block or delete future similar spams.
Jeff C. -- "If it appears in hams, then don't list it."