[Ilugc] spam control technique that works
- From: kapil@xxxxxxxxxxx (Kapil Hari Paranjape)
- Date: Tue Jun 24 06:35:16 2008
Hello,
Apropose greylisting.
On Mon, 23 Jun 2008, Arun Khan wrote:
Not sure if this 'Net legend but I have heard that some spam software
take this technique into account and retry the MTA at which point the
email is accepted.
The principle behind greylisting is that the SMTP RFC allows for:
a. temporary unavailability of resources on the mail server.
b. certain time delays in responses from the mail server.
So the server maintains a record of known transactions in the form
sender A -> recipient B.
If a new mail arrives and is *not* one of these known transactions,
then the delays as above are applied.
So a spambot that is willing to send messages slowly *can* get
messages through such greylisting technique.
Suppose that such a spambot is actually a virus. Due to the near
exponential spread of the virus, there is no need for it to be
"fast".
So, if a virus-writer knows about grey-listing and is willing to
patiently create a bot-net, greylisting _alone_ would be ineffective.
Regards,
Kapil.
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :
http://www.ae.iitm.ac.in/pipermail/ilugc/attachments/20080624/5f7bd6dc/attachment.bin
Other related posts:
