/dev/rob0:
> On Fri, Jan 21, 2011 at 09:12:32AM +0100, Mikael Bak wrote:
> > Reindl Harald wrote:
> > > Am 20.01.2011 12:29, schrieb Christian Roessner:
> > > 
> > >> Why adding a contact form? If a postmaster really does
> > >> his/her job and scans the logs, finds your assistance info
> > >> and enters the website, don't you think the same admin is
> > >> also able to write a mail to you (postmaster@...)?
> > > 
> > > Because if his server is rejected you will also not receive
> > > this mail
> > 
> > You can have rules on your mx letting in email for postmaster
> > and abuse addresses. I think that's quite common. We do that.
> 
> When I did that, I found that the postmaster address was receiving 
> bucketloads of spam every day, and maybe 2-3 legitimate mails per 
> YEAR. Now my postmaster address is protected by Zen and basic HELO 
> checks.
> 
> But indeed, this gives me an idea: rather than a contact form, I 
> might try a form which generates a limited-use non-blocked address. 
> The next hurdle: how to present it in a way such that the end user 
> can see/use it, and yet protect it from harvesting bots?

Solution: you make the address time-dependent. For example, valid
for a few days. After a week or so, add it to the spamtrap list.

I still need to make address_verify_sender/double_bounce_sender
time-dependent, as these are a kind of universal backdoor. It's
really trivial: the master daemon generates a secret, and Postfix
daemons inherit it as child processes from the master. The verify
daemon uses that secret to generate a time-stamped sender address,
the smtpd daemon will temporarily not reject RCPT TO commands for
that address, and the queue manager will silently discard mail to
it.  In the case of address verify probes, the time window that
the address is valid can be less than one hour.

        Wietse
