Last night I set up greytrapping entries in spamd for the first time. This morning I could see greytrapped entries in the output of spamdb so I decided to try the experience of being a (pseudo) spammer against my own network.
Here is a capture of an attempt to send mail from another location to one of the greytrap addresses after a previous unremarkable attempt on the same address so that it would qualify: 8>< snip $ telnet mail.witworx.com 25 Trying 218.214.194.115... Connected to mail.witworx.com. Escape character is '^]'. 220 puffy.witworx.com ESMTP spamd IP-based SPAM blocker; Mon Jun 12 09:45:04 2006 helo testliner.au 250 Hello, spam sender. Pleased to be wasting your time. mail from:<[EMAIL PROTECTED]> 250 You are about to try to deliver spam. Your time will be spent, for nothing. rcpt to:<[EMAIL PROTECTED]> 250 This is hurting you more than it is hurting me. data 354 Enter spam, end with "." on a line by itself Boo Hoo . 450-Your address 125.240.236.70 has mailed to spamtraps here 450 Connection closed by foreign host. 8>< end snip Well that's all just dandy - except for one thing. My remote test origin was not in Korea. Here are the logs from spamd for the period of the test: === Jun 12 09:49:29 puffy spamd[5688]: 125.240.236.70: connected (3/2), lists: korea Jun 12 09:49:44 puffy spamd[5688]: (BLACK) 218.214.111.178: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> Jun 12 09:50:23 puffy spamd[5688]: 125.240.236.70: disconnected after 54 seconds. lists: korea Jun 12 09:52:55 puffy spamd[5688]: 218.214.111.178: disconnected after 471 seconds. lists: spamd-greytrap === Sure enough I was trying from 218.214.111.178 but spamd told me that I was from 125.240.236.70. Looks like a buglet to me. Rod/ >From the land "down under": Australia. Do we look <umop apisdn> from up over? Do NOT CC me - I am subscribed to the list. Replies to the sender address will fail except from the list-server.
