[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spam blocking engine

tai <tai_(_at_)_urd_(_dot_)_spidernet_(_dot_)_to> writes:
> Date: Fri, 20 Dec 2002 07:51:57 -0600 (CST)
> From: tai <tai_(_at_)_urd_(_dot_)_spidernet_(_dot_)_to>
> To: misc_(_at_)_openbsd_(_dot_)_org
> Cc: misc_(_at_)_openbsd_(_dot_)_org
> Subject: Re: spam blocking engine 
> In-Reply-To: <200212200414_(_dot_)_gBK4EFo2028666_(_at_)_bofh_(_dot_)_ucs_(_dot_)_ualberta_(_dot_)_ca>
> Message-ID: <Pine_(_dot_)_BSO_(_dot_)_4_(_dot_)_44_(_dot_)_0212200751060_(_dot_)_13860-100000_(_at_)_urd_(_dot_)_spidernet_(_dot_)_to>
> On Thu, 19 Dec 2002, Bob Beck wrote:
> > 	the advantage of the tiny daemon on the redirect is that it does
> > not take up much for system resources, or a lot of bandwidth (the tiny smtp
> > dialogue before the 450 doesn't amount to much) to make them keep trying.
> 	What happens if you redirect it back to itself (the relay)?

Probably the same thing that happens if you redirect it anywhere else.
I don't know of any mailer that actually does auto-redirection.
Sendmail in openbsd doesn't do this, just to take a particularly
blatant example.

A lot of "open relays" turn out to be web proxy servers -- based on the
not very scientific evidence of my analysis of the last 11 messages in
my inbox, I would say as many as 70% of relays are now proxy servers of
various sorts, and no more than 30% comprise actual stupidly configured
open smtp relays.  The advantage (to the spammer) is that web proxy
servers have a small footprint, leave few signs of usage behind, and
are fairly ubiquitious.  However, this also means that the behavior
we've all been assuming 451 will have probably doesn't matter.  A
colleague of mine recently discovered, the hard way, that "internet
junkbuster" was in fact an open relay (he's now running privoxy.)  Squid
has a similar potential - I don't know how likely it is someone could
accidently configure openbsd to do this.