On Sat, 21 Jan 2006 manu@... wrote: > Andreas Unterkircher <unki@...> wrote: > >> Only a short note on this. When you only accept mails for existing users >> and return a error for all >> non existing users, it's easy for a spammer to checkout which email >> addresses actually exist. > > Do they really collect addresses this way? It sounds rather unefficient > (compared to parsing web sites) > I seem to get most stuff to more well known mail addresses, particulary lists@ (lists address) and alan@ (probably most visible in the ports list, silly me). As these are accepted, maybe there is something in the case that these stick around in the spam lists whilst rejected ones don't. I get some sent to nonsensical names like <4a5c07ce@...> - I just can't see the point of these. Maybe it would be better to accept and dump mail to non-existing users? If they did actually retry after the greylist reject, it would keep the spam databases full of rubbish addresses and every spam sent to my non-exists would be one less sent to real people. However, considering the success of greylisting, I'm not too sure how much notice is taken of the rejects. On the other hand, I get stuff to scatology@(usenet address) which is highly visible but rejected. On the other hand, the address on my website is not popular but that maybe because it has a + in it. -- Alan ( Please do not email me AS WELL as replying to the list. Please address personal email to alan+1@ as lists@ is not read. A password autoresponder may be invoked if this email is very old. )
Message
re: Re: Greylist vs. unknown users
2006-01-21 by Alan Clifford