On Sat, 16 Nov 2002 10:45:09 -0500 "Edward Guldemond" <[EMAIL PROTECTED]> wrote:
> On Sat, Nov 16, 2002 at 02:48:53AM -0600, Gerald V. Livingston II > wrote: > > > Many ISP's do not bounce mail sent to addresses that do not exist > > because robot software can use that info to build a database of > > valid addresses at that domain for spamming purposes. > > Doesn't this break RFC 822? I would think that a mail server should > bounce mail for addresses that do not exist anyway for the reasons you > mentioned. Oh well, that's what they get for running their mail > machines on Windows NT/2000... Yes, it breaks 822. But it's slowly becoming necessary for smaller operations. I worked for a smal ISP a few years ago and saw one of these robots in action. Through regular scanning of the logs we saw a LOT of bounced messages. Reading through them the robot started with 2 characters and was working its way up. [EMAIL PROTECTED], [EMAIL PROTECTED], etc. We blocked it by hand somewhere around [EMAIL PROTECTED] It was sucking the smtp server rescources hard. About three weeks later every customer we had with a valid address having 3 or fewer characters (lower than bm7) started getting spam from multiple sources. Whoever used the robot just compiled a list of the non-bounce addresses and sold the list. Really nasty. G -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
