On Tue, Mar 23, 2010 at 10:55:04AM +0100, Bas Mevissen wrote:
> On Tue, 2010-03-23 at 10:24 +0100, Ansgar Wiechers wrote:
> > On 2010-03-22 Bas Mevissen wrote:
> > > Why catch-all? Because I often use the part before the "@"
> > > as a key to see the origin of the e-mail when subscribing.
> >
> > That's what address extension was invented for. See the
> > respective section of man 8 local.
>
> I'm aware of address extension.
I think maybe I have discussed this with you before as well.
> It is a well-known trick, so the
> extension is likely to be stripped off by spam senders.
Funny thing about that. I have exactly one spamtrap address, and
precisely because of spammers stripping the extension. Some years
back, I made a few posts to a mailing list using this address:
list+el...@nodns4.us . Note, no munging considered necessary.
That address is not spammed at all; neither is the list@ address.
el...@nodns4.us is my spamtrap! I get lots of hits on that, over
2000 in the past month.
So, IME there is nothing to support your assumption about spammer
behavior. I would know it if the list@ address started to get hit.
I'd still be able to control it, because the only valid use of that
address have been list sunscriptions, each containing a +tag. But
this hasn't been necessary.
Moral of the story: maybe harvest bots are dumber than you think.
Likewise, perhaps, so is your catchall. :)
To be fair, I have used user+t...@addresses in other situations, and
in those cases it's not possible to say with certainty that user@
wasn't added to some spam list behind the scenes. But there too, I'm
able to say that spam is not a major problem for me. HELO checks and
Zen catch all but a few.
Oh, this was about greylist server recommendations, so I'll toss in
my opinion about that as well. I used to use sqlgrey. It is a fine
piece of software, well and actively maintained (even when Lionel
took a hiatus, he got a standin maintainer. The list, although very
quiet, is monitored.)
I stopped using it years ago. The pain of greylisting wasn't worth
the minimal benefits. I did not notice any substantive, measurable
difference in spam with and without greylisting.
I think by now the vast number of spambots mean that it's feasible
for any given zombie to go through its list more than once. I *do*
think that much of what little zombie spew I see comes in twice.
Possibly the occasional lack of the second copy means that the CBL
picked it up in the meantime.
Spamhaus PBL was extremely effective against zombies, as was the
widespread blockage of outbound port 25. I think the battle against
zombies will be shifting back to the relay-through-smarthost model
rather than the direct-to-MX model. This means that a postmaster's
job will be getting much harder.
Imagine that!
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
