Re: spam sent to debian.org addresses

To: debian-project@lists.debian.org
Subject: Re: spam sent to debian.org addresses
From: Neil Schemenauer <nas@python.ca>
Date: Thu, 1 May 2003 09:49:39 -0700
Message-id: <[🔎] 20030501164939.GA11123@glacier.arctrix.com>
In-reply-to: <[🔎] 20030501133603.GI14581@alcor.net>
References: <20030429185043.GB4845@wonderland.linux.it> <20030430205056.GJ5949@alcor.net> <[🔎] 200305010853.35543@fortytwo.ch> <[🔎] 20030501133603.GI14581@alcor.net>

Matt Zimmerman wrote:
> Adrian 'Dagurashibanipal' von Bidder wrote:
> 
> > A big part of the spam can be trivially blocked at the point where
> > it enters the Debian servers, using DNSRBLs and other sensible
> > restrictions. When it enters my mailer, it can not be trivially
> > blocked as it comes from murphy.debian.org which is a mail server I
> > want to accept mail from.
> 
> A lot of legitimate mail can be trivially blocked this way, as well,
> which is why it doesn't make sense to drop it on the server side.

My solution to this problem is to temporary reject the message but also
keep a cookie identifing it.  If the message is still being retried
after a certain amount of time (e.g. 24 hours) then it is allowed.

This technique has been very effective for me.  A lot of spam is sent
directly and is not retried.  Open relays are often fixed before the
time is reached.  Spammers that connect directly cannot keep retrying
for a long time.  They need to hit and run otherwise the IP address they
are using will be blackholed.

  Neil

Reply to:

References:
- Re: spam sent to debian.org addresses
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Re: spam sent to debian.org addresses
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: spam sent to debian.org addresses
Next by Date: Debian reliability growth
Previous by thread: Re: spam sent to debian.org addresses
Next by thread: Re: spam sent to debian.org addresses
Index(es):
- Date
- Thread