On Wed, Mar 27, 2002 at 02:06:57PM -0000, Tony Hoyle wrote: > I can't see how this can work... > > Spammers will simply put in a special case for '[EMAIL PROTECTED]' so > they don't send to it. > Malicious people will subscribe things like mailing lists to it. All I > would > have to do to get the SA list on this would be to send a subscribe request > with > the [EMAIL PROTECTED] address - the confirmation email would be enough to get > on the blocklist. > This isn't what it is trying to do, the address isn't a trap for spammers to send to (and wouldn't do anything if they spammed it anyway, as the message has to be in a specific format in order to get added to the database). What they are doing is setting up a system where, rather than having the server check if machines are open relays, other people can exploit open relays to send these specially formatted messages to add the relays to the list. Bascically what happened is they discovered that probing open relays is dangerous and can get you in trouble, so they stopped doing that, now they want everyone else to do it for them, which takes the risk off their shoulders and puts it on others.
-- Jason Kohles [EMAIL PROTECTED] Senior System Architect Red Hat Professional Consulting http://www.redhat.com/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
