Re: Strange Emails -- What are they?

[Michael Holstein <michael.holstein () csuohio edu>]

> When you try and send email to a non-existant address, the receiving server
> rejects during the smtp transaction so a return address is not needed since
> the sending bot gets this error message before the transaction is completed.

Depends on the MTA and how it's configured. Some will silently accept 
(and then either drop or later bounce) messages for a nonexistent address.

In the current scheme though, the bounces would be worthless since the 
return path is invalid. Note that intentionally *not* delivering bounces 
for bogus addresses violates the RFC, but a lot of sites do it anyway.

Most MTAs allow you to configure some sort of "DHA protection", or 
"tarpitting" .. meaning they'll limit the number of 
connections/recipients from any given host to (x con) per (y time). I'd 
go this route before you try greylisting (greylists are a PITA for 
endusers).

~Mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/