Not that it is by itself but when combined with other conditions it is very effective. My theory is that after the message is sent by the virus sending the quit just takes more time and bandwidth so the spambot just leaves the connection open on the server side.
But - almost all of the connections that time out are spambots. So you can combine this with a number of other sins and have a very effective means of identifying spambots. -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
