Hello Christopher, Tuesday, October 26, 2004, 9:25:18 AM, Christopher X. Candreva responded to Dave Duffner:
>> Is there a way, possibly with SpamAssassin, to >> simply reject anything not going to a valid user account? CXC> I think the question is, why are you accepting mail that isn't CXC> going to a valid user account in the first place ? This should CXC> have happened in the SMTP dialog long before SA kicked in. As CXC> soon as the sending site says CXC> rcpt to: [EMAIL PROTECTED] CXC> You reply CXC> 550 User unknown. CXC> end of story. As mail manager for three domains, we accept all mail regardless of the validity of the destination email address. The reason is that we get a significant fraction of ham addressed to slightly invalid addresses (eg: email that should have gone to [EMAIL PROTECTED] will be addressed to [EMAIL PROTECTED] instead). We receive one or two of these a week. All of these are then fed through SA. Any that are flagged as spam get dumped into our global spamtrap, and are reviewed briefly for FPs. We receive about 5k spam a week across the three domains, and this FP review takes about 5 min/day. We do have some rules that check for reasonable validity of email addresses. For instance, we have no email addresses that end in multiple digits, so any /d/[EMAIL PROTECTED] can be flagged as spam and dumped. What we don't have is the ability to test for actually valid email addresses. If we could add a plugin to our system that would check for a) all valid pop3 account names, b) all valid auto-forwarding addresses, and add SA points to any email that does not reference one of these two classes of email addresses, that would be a big help to our anti-spam work. Exim apparently adds a Received header to our emails in the form > Received from [source] by [our server] for [email address]; [date] If we could read the email address from that header and compare it against the two classes, that would be perfect. Has anyone created or contemplated a plugin to do this sort of thing? I can't write such plugin myself, but I'd be glad to discuss ideas with anyone interested. Bob Menschel ps: In case anyone's concerned, we do NOT bounce any of this spam. All spam gets sa-learned and then filed into our corpus, without bounce.
