on 3/3/05 12:03 PM, Tom Collins <[EMAIL PROTECTED]> wrote: > On Mar 3, 2005, at 8:54 AM, Nick Harring wrote: >> No, it wouldn't require this. It would require that you edit the >> recipient list prior to queueing. There's nothing 'ugly' that I can see >> about that process. > > I think Nick's method would work for those who want to block anything > that scores as spam but not modify message headers. > > For others, like myself, who want to block at 10+ but tag as spam > anything with 5+, it will not work. In my case, each user would need > their own, custom copy of the email with the headers (and possible > rewritten message) based on their personal scoring configuration. > > I kind of like my original idea though, but would want to collect some > stats before implementing it. My idea is pretty simple -- for > non-relay hosts, after the first RCPT TO is accepted, reply to all > additional RCPT TO requests with a 4xx result. > > How many messages come into a server for multiple recipients in the > same domain?
Practically all spam coming to my server comes to multiple recipients. For non-spam messages this is much less frequent. > I guess if someone was mailing multiple people at the > same company, it would happen. But with most mailing lists using > custom bounce messages for each recipient, they wouldn't be affected. > > How about the spammers who email 100's of random usernames in a domain, > hoping to hit valid addresses? The 4xx response would at least slow > them down (and even stop them if their spam programs don't retry 4xx > responses). > > The biggest downside I can see is if someone sends a large email (say > with a file attached) to multiple people in one domain, then sending > server will have to push it through multiple times. Here is another possibility that comes to mind as a "transparent" solution. I don't know whether the scanner can be configured to work this way: Scan the incoming message based on each of the multiple recipients' settings. If *all* users agree to reject, then reject it at the SMTP level. In any other case mark the mail with a provisional spam status header line which indicates that scanning must be deferred until delivery time. Messages without the provisional status line are not scanned at delivery time. -Kurt
