[conspire] I get mail

Don Marti dmarti at zgp.org
Thu Aug 10 12:40:52 PDT 2006

begin Rick Moen quotation of Thu, Aug 10, 2006 at 11:14:47AM -0700:

> The first obvious un-met need is for flood-protection on it, so that it
> couldn't be used to mailbomb any one claimed sending address.  I'd 
> do that, if I could figure out how.  

I cheated and let "vacation" do it -- it keeps a
db file of when it last responded to each address.
Here's the .forward file for user "info":

"|/usr/bin/vacation -r infinite -z -j info"

(The real "vacation" program is old enough that most
of the bad behavior has been complained out of it.)

> Since my procmail-fu is not very strong, I've mostly relied on my MTA's
> very well-developed abuse rejection, and hope that the result is not
> significantly vulnerable.  (In my experience, attempting to detect Joe
> Jobs, etc., _after_ MTA acceptance is hopeless, and so must be done at
> SMTP time.  My MTA's very good at that, but not perfect, for reasons
> inherent in current SMTP.)  

Of course if every domain had SPF, and every mail
server running an autoresponder checked SPF, it would
cover it, right?

Don Marti                    
dmarti at zgp.org           LinuxWorld: August 14-17, 2006, San Francisco

More information about the conspire mailing list