On Thu, Feb 23, 2012 at 08:06:34AM -0600, Stan Hoeppner wrote: > On 2/23/2012 2:34 AM, rg86...@airpost.net wrote: > > I'm building a Postfix server with postscreen & a before-queue > > filter. > > > > I'm trying to get spamtraps working so that if a spamtrap address > > is in ANY of the recipients, then delivery of the message to ALL > > recipients is quietly DISCARDED. > > This isn't how spamtraps are typically implemented, and may be why > you're having trouble. The proper way to implement a spamtrap for > rejecting inbound spam is: > > 1. Check recipients of inbound connection for spamtrap address > 2. Append new sender address to an access table > 3. Use the table in a check_sender_access rule to reject inbound > spam--no need for discard
Why not the client address and check_client_access? I don't see how/why a sender listing would be useful. Was this a typo or a "thinko" on your part, Stan? :) I see the goal as being, in part, to detect a spammer in THIS transaction. That sounds reasonable to me. But the proper thing here would be to use a policy service in smtpd_data_restrictions. I fully agree with the reject vs. discard idea. You don't need to wait for end-of-DATA and waste that bandwidth (offer void where taxed or prohibited, or where the spammer properly implemented pipelining.) Also I consider it reckless and irresponsible to accept and discard mail unless you are absolutely certain it is spam. I would not have such confidence in this case. If a spammer is paid per delivery, why not reject? That way said spammer has to alter the results from his ratware to show more delivery success. :) > Pretty simple. I'm left wondering why/how you came up with the > method you describe above. Nobody does it that way. This leads me > to believe you don't really understand what a spamtrap is. > > Note that very few people do this. The reason is there are dozens > of spamtrap driven dnsbls freely available that have a few million > combined spamtrap addresses. You have one. Thus, the ROI is > typically extremely low for self run spamtraps. Agree here too, and with this: > Maybe it would be helpful if you explained exactly what you're > trying to do here, and the reasons why you wish to do so. There > are likely many alternatives that may well work better. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
