Contributed by jose on from the no-more-spam dept.
Wow, looks like the Spews approach was good enough for Theo. Now it's even more accessible.From: Theo de Raadt
Date: Wed, 18 Dec 2002 19:25:02 -0700 To: email@example.com Subject: spam blocking engine This is a start at a spam blocking engine I have been working on. Very simply, this hangs the full list of ~12,000 spam-sending IP/mask entries listed at www.spews.org off a pf(4) rdr-anchor (which is only entered for port 25). When connections from these spammers arrive they are redirected to a daemon which minimally fakes the SMTP protocol with very low overhead -- for multiple connections at the same time -- and then the message is left on the sender's queue by providing a 550 return code. The theory here is that most spam still comes in via open relays, and the only way we are going to convince them to clean up their act is to waste _their_ disk space, their time, and their network bandwidth more than they waste ours. For those spammers who drop messages when they received a 550, well, we have not wasted any further time or network bandwidth, and even in that situation I think some of the might remove an address if they receive a 550. This will be chrooted and locked down further... and I also plan on adding stuttering to it, to waste the spammer's time further. If you use this, you must have very current pf code.
(Comments are closed)