Mailing List SIMS@mail.stalker.com Message #7335
From: Stefan Jeglinski <jeglin@4pi.com>
Subject: Re: Address harvesting and secondary servers (long post)
Date: Fri, 8 Dec 2000 13:07:31 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
A fourth, and I think best solution:  Have Sims treat incoming mail from the secondary server differently.

1) Have it ignore the secondary's IP and look at the previous hop to determine RBL/spamtrap/harvesting info.

2) if incoming mail from the secondary fails a harvest/spamtrap/rbl test, have it treated like a spamtrap.  That is, mail is rejected back to the previous hop.  If it can't be rejected back to the server before the secondary (which I suspect is the case) have the mail discarded in whole.

3) Never add the secondary to the temp ban list.


I agree, but how best to identify the secondary server? For example, PSI is our ISP, and they provide secondary MX for us. However, mail that comes through them (for example, some spammers after they get rejected by us, just drop to the lower priority mail server) might come from one of several machines they have set up for that purpose.

So, if SIMS allows us to identify a secondary server, it really needs to be able to identify several secondary servers, and it should be able to do so either by IP or FQDN, and also still not reject an ehlo.


Stefan Jeglinski

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster