On Wed, Mar 27, 2002 at 02:06:57PM -0000, Tony Hoyle wrote:
> I can't see how this can work...
> 
> Spammers will simply put in a special case for '[EMAIL PROTECTED]' so
> they don't send to it.
> Malicious people will subscribe things like mailing lists to it.  All I
> would
> have to do to get the SA list on this would be to send a subscribe request
> with
> the [EMAIL PROTECTED] address - the confirmation email would be enough to get
> on the blocklist.
> 
This isn't what it is trying to do, the address isn't a trap for
spammers to send to (and wouldn't do anything if they spammed it anyway,
as the message has to be in a specific format in order to get added to
the database).  What they are doing is setting up a system where, rather
than having the server check if machines are open relays, other people
can exploit open relays to send these specially formatted messages to
add the relays to the list.  Bascically what happened is they discovered
that probing open relays is dangerous and can get you in trouble, so
they stopped doing that, now they want everyone else to do it for them,
which takes the risk off their shoulders and puts it on others.

-- 
Jason Kohles                                 [EMAIL PROTECTED]
Senior System Architect
Red Hat Professional Consulting              http://www.redhat.com/


_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to