[imp] hardening imp against spammers
Michael M Slusarz
slusarz at mail.curecanti.org
Wed Jun 29 11:53:37 PDT 2005
Quoting Jon Lewis <jlewis at lewis.org>:
> If we can't shake the Nigerians (they appear to have images of or at least
> all the info including CVV2 codes for their stolen cards and are now using
> open proxies to access our webmail...so we're having a real hard time
> either stopping them from signing up or blocking them by IP from using
> webmail), I suspect the next things we'll need are the DNSBL support I
> mentioned (which I suspect is easy enough I might end up doing it), and
> some form of per-user message rate limiting...i.e. after sending X
> messages in Y time, you're done. That'd probably require a new SQL table
> holding a key, username, and timestamp in each row so that compose.php
> could then do a select and count up how many messages the user has sent
> recently and decide if the current message can be sent. I don't suppose
> someone's already done something like this?
DNSBL is a *very bad thing*. See
http://www.acme.com/mail_filtering/shame_frameset.html for a good
description of the issues.
Personal example: user sets up a machine on a home-based network that
is on a business broadband link (i.e. small business operator from
home). The business broadband provider also happens to provide home
broadband support. Complete idiot DNSBL maintainers blacklist the
user's address because a few (most definitely not all or even some)
users on the home broadband have either infected computers or are doing
bad things. Therefore, because DNSBL maintainers are lazy or
uneducated or both, instead of marking the individual addresses as bad
they instead mark the entire block of addresses registered to the
broadband provider as "bad" (We are talking entire Class C blocks
here). Since broadband provider does not provide information on how
their blocks are allocated, businesses lose the ability to run their
own servers due to ineptitude of DNSBL maintainers.
Quite honestly, it is a subtle form of discrimination in that DNSBL
maintainers can, by their actions, make certain broadband providers
less desirable due to the fact that their network connection is now
"tainted".
michael
_______________________________________
Michael Slusarz [slusarz at curecanti.org]
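
The per-user limit proposed in the quoted message (a table of username and timestamp rows, counted before each send), as an added example that is not part of the original post or of IMP's code. The table name sent_log, the functions rate_limit_schema and may_send, and the limit values are assumptions; in-memory SQLite stands in for the site's SQL database.

```php
<?php
// Added example: refuse a send once a user has sent $limit messages in the
// last $window seconds. sent_log and may_send are hypothetical names.

function rate_limit_schema(PDO $db): void
{
    $db->exec('CREATE TABLE IF NOT EXISTS sent_log (
        id INTEGER PRIMARY KEY, username TEXT NOT NULL, sent_at INTEGER NOT NULL)');
    $db->exec('CREATE INDEX IF NOT EXISTS sent_log_user_time
        ON sent_log (username, sent_at)');
}

// Returns true and records the send if the user is under the limit.
// The count and the insert share one transaction; on a multi-process web
// server they also need to be serialized per user (row lock or equivalent),
// otherwise two parallel requests can both pass the check.
function may_send(PDO $db, string $user, int $limit, int $window, int $now): bool
{
    $db->beginTransaction();
    try {
        // Prune rows that have aged out of the window so the table stays small.
        $db->prepare('DELETE FROM sent_log WHERE sent_at <= ?')
           ->execute([$now - $window]);

        $q = $db->prepare('SELECT COUNT(*) FROM sent_log
                           WHERE username = ? AND sent_at > ?');
        $q->execute([$user, $now - $window]);
        $allowed = (int) $q->fetchColumn() < $limit;

        if ($allowed) {
            $db->prepare('INSERT INTO sent_log (username, sent_at) VALUES (?, ?)')
               ->execute([$user, $now]);
        }
        $db->commit();
        return $allowed;
    } catch (Throwable $e) {
        $db->rollBack();
        throw $e; // fail closed: the caller must not send when the check errors
    }
}

// Constructed demo: 3 messages per 60 seconds, timestamps offset from 1000.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
rate_limit_schema($db);
foreach ([0, 10, 20, 30, 61, 65] as $t) {
    $ok = may_send($db, 'alice', 3, 60, 1000 + $t);
    printf("t=%2d alice %s\n", $t, $ok ? 'sent' : 'refused');
}
```

Refused attempts are not recorded here, so a blocked user regains quota as old rows age out; logging refusals separately gives an abuse signal without extending the block.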