Moin, > How do you prevent that abusers will enter many mail addresses and > you send out many test mails to people who never requested them?
Now? Block-List skipping mail-sending for the most common providers and limiting in-flight tests for other domains. But with a sufficiently large botnet and enough different targets, you can still make the system send out quiet some mails. Still, I believe it should be more restrictive in that than the mailop@ ML signup form; Furthermore, even before some tighter limits i hardly saw more than one mail being send to one remote address. Which is part of the reason for this mail; Are there any best practices beyond what i did above for preventing this form of abuse (apart from 'wanna do "Captcha & Cloudflare" tonight' ? I mean, from the top of my head i can think of a ton of services that will more conveniently send more mails than mine; Not to speak of all the stuff you can do with recipient delimiters to make services send more mails to the same mailbox. With best regards, Tobias -- Dr.-Ing. Tobias Fiebig T +31 616 80 98 99 M tob...@fiebig.nl _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
